Security Directory

A

Amomed Pharma GmbH

amomed.com

0

Amomed Pharma GmbH is a medium-sized healthcare company specializing in pharmaceutical products for intensive care, emergency medicine, anesthesia, psychiatry, and neurology. The company operates as a member of the AOP Health Group, providing critical care medications aimed at reducing mortality and improving quality of life. The website targets healthcare professionals and institutions, offering product information and therapy solutions. Technically, the website is built on WordPress with a PHP backend and uses common web technologies such as jQuery, Bootstrap, and Font Awesome. However, the site lacks a valid SSL certificate, resulting in no proper HTTPS support, which is a significant security concern. Security headers are partially implemented, but critical configurations like TLS protocols and cipher suites are missing. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism or GDPR compliance indicators. Contact information is not readily visible on the homepage, limiting user trust and engagement. Overall, the website demonstrates moderate digital maturity but requires urgent improvements in security and privacy to meet modern standards.

D

Donauchem GmbH

donauchem.at

0

Donauchem GmbH is a medium-sized chemical distributor operating primarily in Austria and Central/Eastern Europe. The company specializes in the distribution of chemical raw materials and offers tailored product development through its own research and development department. It serves diverse industries including food, pharma, cosmetics, agriculture, and manufacturing. The website reflects a professional business with clear branding and a comprehensive product portfolio. Technically, the site is built on ASP.NET Web Forms with Kentico CMS and hosted on Microsoft IIS. However, the absence of a valid SSL certificate and lack of HTTPS significantly undermine the security posture. Privacy compliance is well addressed with a privacy policy and cookie consent mechanism in place. Overall, the site is functional and informative but requires urgent security improvements to protect user data and enhance trust.

The website madanyu.org is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) block page, which prevents access to any substantive content. The domain is very young, registered in October 2024, and uses privacy protection services for WHOIS data, which obscures registrant details. No business information, contact details, or policies are publicly available on the site. Technically, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical security deficiency. The DNS is managed via Cloudflare, but the absence of a valid certificate and enabled TLS protocols severely impacts security posture. Overall, the site appears to be in an early or unestablished state with minimal digital maturity and poor security hygiene.

G

Globo Lighting

globo-lighting.com

0

Globo Lighting is a well-established European retailer specializing in a wide range of lighting products, including indoor and outdoor lamps, ceiling lights, wall lights, and decorative lighting solutions. With over 25 years of market presence and multiple physical showrooms, the company offers a comprehensive e-commerce platform with detailed product information and multiple language support. The technical infrastructure is based on modern technologies such as Shopware CMS and is hosted on Google Cloud, but lacks a valid SSL certificate, resulting in an insecure HTTP-only connection. Security headers are properly configured, but the absence of HTTPS significantly weakens the security posture. Privacy and cookie policies are present and include consent mechanisms, indicating good compliance with GDPR requirements. The domain is mature and registered consistently with the business profile, enhancing trustworthiness. Overall, the website provides an excellent user experience and professional content but requires urgent security improvements to protect user data and enhance trust.

C

Chrisanne Clover

chrisanne.com

0

Chrisanne Clover operates a professional e-commerce platform specializing in premium dancewear, including competition couture, practice wear, fabrics, and crystals. The company targets dancers and dance enthusiasts, offering bespoke couture services and a wide product range. The website is built on Magento and hosted behind Cloudflare, leveraging modern marketing and analytics tools such as Google Analytics, Google Tag Manager, and Cookiebot for privacy compliance. However, the site lacks a valid SSL certificate and does not support modern TLS protocols, which significantly weakens its security posture. Privacy policies and cookie consent mechanisms are well implemented, supporting GDPR compliance. Overall, the business presents itself as a reputable and established player in the dancewear retail sector, but urgent improvements in security infrastructure are recommended to protect customer data and enhance trust.

D

Delegate Healthcare Solutions LLC

delegate-group.com

0

Delegate Healthcare Solutions LLC operates as a leading manufacturer of foodservice software tailored for communal catering environments such as healthcare facilities, educational institutions, and senior living communities. The company offers a comprehensive suite of software solutions including patient service, foodservice management, full-service catering, and key functionalities like enterprise resource planning and menu ordering systems. Their market position is strong, supported by partnerships with notable clients and a clear focus on delivering integrated, cloud-hosted, and mobile-optimized solutions. Technically, the website is built on modern frameworks like Next.js and hosted on Vercel, with a CMS likely based on Strapi. While the site demonstrates excellent content quality, branding consistency, and user experience, it suffers from critical security shortcomings, notably the absence of a valid SSL certificate and lack of modern TLS protocols. Privacy compliance is addressed through Cookiebot, ensuring consent mechanisms are in place. Overall, the business presents a credible and professional front but must urgently address its SSL/TLS configuration to improve security posture and trustworthiness.

M

MMX e.U.

silberdraht.agency

0

Silberdraht Agency is a small Austrian online marketing firm specializing in services tailored for the BestAger demographic (age 50+). Founded in 2019 and operated by MMX e.U., the agency offers website analysis, creation, optimization, search engine marketing, social media marketing, and newsletter distribution. Their market position is niche-focused with a dedicated team and partnerships that enhance their service offerings. Technically, the website runs on WordPress with popular plugins and themes, but lacks HTTPS, which is a critical security shortfall. The site is mobile-optimized and SEO-friendly but suffers from slow or unmeasured performance. Security posture is weak due to missing SSL and security headers, and privacy compliance is minimal with no cookie consent mechanism. Overall, the business appears legitimate and consistent with its domain registration data, but security improvements are urgently needed.

W

wphelp24.com - Your 24/7 WordPress Support Hub

wphelp24.com

0

Security assessment completed with an overall score of 0/100 (unknown risk). 3 critical issues require immediate attention. Total of 24 security findings identified across all modules.

G

GS1 Austria

gs1.at

0

GS1 Austria is a well-established non-profit organization serving as the official barcode and GTIN issuing authority in Austria. It provides a comprehensive suite of GS1 standards and services to businesses across multiple sectors including retail, manufacturing, transportation, and government. The website reflects a mature digital presence with excellent content quality, clear navigation, and strong branding supported by major corporate clients. Technically, the site is built on Drupal 10 with modern JavaScript libraries and integrates Google analytics and marketing tools, but suffers from a critical lack of HTTPS support due to an invalid or missing SSL certificate, which significantly impacts its security posture. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. Contact information is primarily via contact forms, with no direct emails or phone numbers publicly listed. Overall, the site is professional and trustworthy but urgently needs to address its SSL/TLS configuration to improve security and user trust.

G

Gymnasium Camphusianum

camphusianum.nl

0

Gymnasium Camphusianum is a small, community-oriented gymnasium school located in Gorinchem, Netherlands, providing secondary education focused on broad academic knowledge and personal development. The website reflects a well-structured educational institution with clear communication channels, active social media presence, and comprehensive privacy and cookie policies compliant with GDPR. Technically, the site is built on WordPress with modern plugins and themes, leveraging Cloudflare CDN for content delivery. However, a critical security gap exists due to the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly undermines the site's security posture. This exposes users to potential data interception risks and reduces trustworthiness from a security perspective. Overall, while the content and business credibility are strong, the lack of HTTPS is a major vulnerability that must be addressed promptly.

L

Lorencic GmbH Nfg. & Co KG

lorencic.com

0

Lorencic GmbH Nfg. & Co KG operates as a medium-sized company specializing in construction services and products, including workwear, reinforcement fabrics, construction profiles, diamond cutting discs, and rental of construction machinery. The company targets construction professionals and contractors primarily in Austria and surrounding European countries, as evidenced by multiple country-specific domains. The website presents a professional design with clear navigation and relevant content, supporting its business model as a B2B supplier and rental service provider. Technically, the website runs on an Apache server with Ubuntu, utilizing common JavaScript libraries such as jQuery and Bootstrap for frontend functionality. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the site's security posture. Performance metrics are unavailable, and mobile optimization is basic but functional. The site includes cookie consent mechanisms and basic privacy policy compliance, though more advanced privacy and security policies are lacking. From a security perspective, the lack of HTTPS is a critical vulnerability, exposing users to potential data interception risks. No advanced security headers or incident response information is published, and session management could be improved. The site uses Matomo analytics with user consent, indicating moderate user tracking with some privacy compliance. Overall, the security posture is weak and requires urgent improvements. Strategically, the company should prioritize implementing HTTPS with a valid certificate, enhance security headers, and publish clear security and incident response policies. Improving privacy compliance and expanding trust indicators will also strengthen business credibility and user confidence.

Summit Printing LLC operates as an established online commercial printing company founded in 2010, offering a wide range of printing services including banners, brochures, business cards, mailing services, and graphic design. The company targets businesses and graphic designers across the United States and Canada, leveraging multiple plant locations to provide fast production and free shipping. The website presents a professional and consistent brand image with clear navigation and relevant content tailored to its audience. Technically, the site uses PHP 7.0.33, jQuery, Modernizr, and is hosted behind Cloudflare with LiteSpeed server technology. However, the absence of a valid SSL certificate and HTTPS implementation is a significant security shortfall. Security headers such as HSTS, X-Frame-Options, and X-Content-Type-Options are present, but the lack of TLS protocols and certificate transparency compliance reduces the overall security posture. Privacy compliance is basic, with a privacy policy and terms of service present but no cookie consent mechanism. Contact information is clearly provided, enhancing business credibility. Overall, the site scores moderately on content quality and business credibility but is penalized heavily for security deficiencies.

E

Eti

etietieti.com

0

Eti is a well-established Turkish food manufacturing company with a strong market presence and a diverse product portfolio including biscuits, chocolates, and health-oriented food products. The website serves as a comprehensive corporate portal providing product information, recipes, corporate governance details, career opportunities, and social responsibility initiatives. The site targets consumers interested in quality food products and healthy nutrition, leveraging a consistent brand identity and multiple language options for international reach. Technically, the website is built on ASP.NET WebForms and uses modern JavaScript libraries for UI enhancements. However, performance metrics are lacking and the site suffers from a critical security issue: the absence of a valid SSL certificate and HTTPS support, which significantly impacts user trust and security posture. Privacy and cookie policies are well implemented with consent mechanisms, reflecting good compliance with GDPR requirements. Social media integration and partner links enhance the brand's digital ecosystem. Overall, Eti's website is professional and content-rich but requires urgent security improvements to meet modern standards.

R

Rail Cargo Group

railcargo.com

0

Rail Cargo Group is a well-established rail logistics provider operating primarily in Europe and Asia, offering a broad range of freight and logistics services including wagon loads, intermodal and multimodal logistics, and railway operations. The company targets businesses requiring efficient rail freight solutions and maintains a strong market position supported by its parent company ÖBB. Technically, the website employs modern JavaScript libraries and custom corporate scripts, with a focus on accessibility and SEO, though performance data is unavailable. Security posture is weakened by the absence of a valid SSL certificate and disabled TLS protocols, despite good security header implementation. Privacy compliance is supported by a comprehensive privacy policy and GDPR adherence, with Matomo analytics used for privacy-conscious tracking. Overall, the site is professional and trustworthy but requires urgent SSL/TLS remediation to improve security and user trust.

The website kphgraz.at is currently inaccessible, returning an HTTP 403 Forbidden error indicating that access is denied due to insufficient permissions. The site lacks any visible content, metadata, or structured data, which prevents a full analysis of its business or technical attributes. The hosting provider is identified as World4You, an Austrian hosting company, and the domain is registered consistently with the website's country. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the site's security posture. No privacy, cookie, or terms of service policies are present, and no contact information is available, which further reduces trust and compliance levels. Overall, the site appears to be either misconfigured or a placeholder without active content.

E

ekey biometric systems GmbH

ekey.net

0

ekey biometric systems GmbH is a medium-sized Austrian technology company founded in 2002, specializing in fingerprint-based access control and smart home integration solutions. The company holds a leading market position in Europe for fingerprint access systems, offering a range of products including door-integrated fingerprint readers, wall-mounted units, and retrofit kits. Their business model focuses on manufacturing, sales, and providing support and training services. The website reflects a mature digital presence with multilingual support and comprehensive product information targeting homeowners, businesses, and smart home users. Technically, the site is built on WordPress with modern plugins and analytics tools, but suffers from a critical security issue due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts the security posture. Security headers are well configured, and privacy compliance is strong with GDPR-aligned policies and cookie consent mechanisms. Overall, the site is professional and trustworthy but requires urgent remediation of its SSL/TLS configuration to ensure secure user interactions.

T

Tyco

tyco.com

0

Tyco, a subsidiary of Johnson Controls, is a mature enterprise-level provider of integrated security products and solutions, including access control, video surveillance, cloud services, and fire suppression. The company targets commercial and enterprise customers globally, leveraging a broad partner ecosystem and multiple subsidiary brands. The website demonstrates a professional design with good content quality and clear navigation, supported by modern technologies such as Sitecore CMS and Bootstrap. However, the security posture is weakened by an invalid SSL certificate and lack of enabled TLS protocols, which poses risks to secure communications. Privacy compliance is well addressed with comprehensive policies and consent mechanisms. Overall, the domain registration and WHOIS data confirm the legitimacy and maturity of the business. Strategic improvements in SSL and TLS configuration are recommended to enhance security and trust.

Tarian Group, LLC is a large US-based security services provider specializing in guarding services, integrated security technology, risk advisory, and preparedness training. The company targets critical infrastructure, government, healthcare, commercial, and residential sectors, positioning itself as North America’s fastest growing security provider with a client-centric and innovative approach. The website is built on WordPress with the Divi theme and several plugins, showing a modern but somewhat basic technical infrastructure. However, the absence of HTTPS and SSL certificates is a significant security shortfall. Privacy and cookie policies are comprehensive and GDPR compliant, with clear contact information and multiple licensed office locations. The security posture is weak due to lack of HTTPS and missing security headers, but no active vulnerabilities were detected. Overall, the site is professional and trustworthy but requires urgent security improvements.

D

DORDA Rechtsanwälte GmbH

dbj.at

0

DORDA Rechtsanwälte GmbH is a leading Austrian law firm specializing in business and economic law, offering a broad range of legal services including transactions, restructurings, and digital transformation advisory. The website reflects a professional and comprehensive digital presence with excellent content quality and user experience, targeting business clients nationally and internationally. Technically, the site is built on Drupal 10 with modern features such as video backgrounds and Matomo analytics, but suffers from slow load times and lacks a valid SSL certificate, which is a critical security concern. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. However, the absence of HTTPS and security headers significantly lowers the security posture. Overall, the domain registration data aligns well with the business identity, supporting legitimacy and trustworthiness.

The website denkstatt.sk currently serves as a parked domain page primarily linking to Regery, Ltd., a company specializing in domain registration, SSL certificates, and web hosting services. The site content is minimal and focused on redirecting users to Regery's main platform for domain and SSL management. The technical infrastructure relies on Bootstrap and particles.js for frontend presentation and is hosted behind Cloudflare DNS services. However, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical security deficiency. Additionally, the website performance is slow, with a load time exceeding 15 seconds, and there are no advanced security headers or privacy policies implemented. The WHOIS data presents suspicious future creation and update dates, which undermines trust in the domain's legitimacy. Overall, the site functions as a placeholder with limited business information and weak security posture.

I

Innconcepts IT GmbH

innconcepts.at

0

Innconcepts IT GmbH is a specialized Oracle Partner providing innovative hospitality software solutions tailored for hotels, gastronomy, and wellness sectors. Their offerings include cloud-based hotel and restaurant management software, wellness and leisure software, and comprehensive hospitality IT services. The company positions itself as a customer-centric and authentic partner, emphasizing personalized service and modern technology adoption. The website reflects a professional and consistent brand image with excellent content quality and clear messaging targeting hospitality industry professionals. Technically, the website is built on Drupal 10 CMS, hosted on Apache servers with modern JavaScript libraries such as Alpine.js and AOS for animations. It employs Google Tag Manager and Google Analytics for tracking and marketing purposes, alongside a compliant cookie consent mechanism. Performance is fast, mobile optimization is excellent, and SEO practices are good. Security headers are present, and the SSL certificate is valid, although HSTS is not enabled, which is a recommended improvement. From a security perspective, the site demonstrates good baseline security practices with no detected vulnerabilities or exposed sensitive data. However, the absence of a dedicated security policy or incident response contact and lack of security.txt file indicates room for maturity improvement. Privacy compliance is well addressed with cookie consent and a privacy policy, but terms of service and data protection officer contact details are missing. Overall, the website and business present a trustworthy and professional front with moderate to high security posture and good privacy compliance. Strategic recommendations include enabling HSTS, publishing a security policy and vulnerability disclosure mechanism, and enhancing transparency around incident response to further strengthen trust and security culture.

U

United Nations Commission On International Trade Law

uncitral.org

0

The United Nations Commission On International Trade Law (UNCITRAL) operates as a key intergovernmental organization under the United Nations, focused on developing and harmonizing international trade law frameworks. The website serves as an authoritative resource for legal texts, working documents, technical assistance, and research related to international trade law, targeting governments, legal professionals, and trade stakeholders globally. The organization is well-established with a mature domain and consistent branding aligned with UN standards. Technically, the website is built on Drupal 7 with common web technologies such as jQuery and Bootstrap. While the site demonstrates good content quality, navigation, and mobile optimization, it suffers from critical security shortcomings, notably the absence of a valid SSL certificate and lack of HTTPS enforcement, which severely impacts its security posture. Performance metrics are unavailable, but the technical stack suggests potential modernization needs. Security-wise, the site implements some security headers but fails to provide a valid SSL/TLS configuration, exposing users to risks and undermining trust. Privacy compliance is minimal, with no visible cookie consent mechanisms and only a basic privacy policy linked externally. Contact information is not explicitly provided on the homepage, limiting direct communication channels. Overall, the site is credible and authoritative but requires urgent security improvements to protect users and maintain trust. Strategic recommendations include obtaining a valid SSL certificate, enabling HTTPS, enhancing privacy and cookie consent mechanisms, and modernizing the technical infrastructure to improve performance and security.

P

Posthotel Achenkirch GmbH

posthotel.at

0

Posthotel Achenkirch GmbH operates a premium 5-star adults-only hotel located in Tirol, Austria, specializing in wellness, gourmet dining, and active holidays. The website presents a rich, multilingual content experience with clear business information and strong branding consistency. Technically, the site is built on TYPO3 CMS, uses modern JavaScript practices, and integrates marketing and analytics tools such as Google Analytics and Usercentrics for cookie consent. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate and HTTPS support, exposing visitors to potential risks. The site implements basic security headers but lacks advanced protections like HSTS and OCSP stapling. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the business is credible and well-positioned in the hospitality market, but urgent security improvements are needed to protect user data and enhance trust.

C

ConVista Consulting AG

convista.com

0

ConVista Consulting AG is a leading SAP and IT consulting firm based in Germany, specializing in digital transformation across multiple industries including insurance, energy, healthcare, and manufacturing. The company offers comprehensive end-to-end solutions, combining deep industry expertise with technological innovation. Their market position is strong, supported by multiple industry awards and certifications such as SAP Gold Partner and Great Place to Work recognitions. The website reflects a professional and well-branded presence targeting enterprise clients seeking SAP and IT consulting services. Technically, the website is built on WordPress with modern optimization tools like WP Rocket and uses a variety of JavaScript libraries including jQuery and Swiper.js. The site is mobile-optimized and accessible, with good SEO practices and structured data enhancing search visibility. However, the technical infrastructure shows weaknesses in security, notably the absence of a valid SSL certificate and lack of TLS protocol support, which critically undermines secure communications. Security posture is currently basic, with several HTTP security headers implemented but critical SSL/TLS deficiencies present. Privacy compliance is strong, with clear GDPR-aligned privacy and cookie policies and consent mechanisms in place. Contact information is transparent and comprehensive, including phone, email, physical address, and contact forms. Overall, the site is trustworthy and professional but requires urgent security improvements to protect user data and maintain credibility. Strategically, the company should prioritize obtaining and maintaining a valid SSL certificate and enabling modern TLS protocols to secure all communications. Enhancing security best practices will improve trust and compliance, supporting their strong market position and client relationships.

The website dyna-meet.at is currently inaccessible due to a Cloudflare anti-bot challenge page, which prevents access to any meaningful content or business information. The domain is registered and configured with DNS records including Google MX servers and Jimdo nameservers, suggesting the use of Jimdo as a website builder and Google Workspace for email. However, the lack of a valid SSL certificate and absence of HTTPS severely impacts the security posture. No privacy, cookie, or terms of service policies are detectable, and no contact or business information is available on the landing page. The site performance is poor, with a very slow load time likely caused by the challenge mechanism.

H

Hartlauer Handelsgesellschaft m.b.H.

hartlauer.at

0

Hartlauer Handelsgesellschaft m.b.H. operates a large retail and e-commerce platform focused on optics, photography, mobile phones, and hearing aids in Austria. With over 160 physical stores and a comprehensive online shop, it serves a broad consumer base with premium products and services including free eye tests and hearing aid trials. The website is professionally designed with excellent content quality and user experience, supported by a modern technology stack primarily based on Salesforce Commerce Cloud and integrated marketing and analytics tools. However, a critical security issue is present due to the lack of a valid SSL certificate and absence of HTTPS, severely impacting the security posture. Privacy and cookie policies are comprehensive and GDPR compliant, and the company demonstrates strong business credibility with clear contact information and trust seals. Strategic security improvements are urgently needed to protect user data and maintain trust.

F

Forerunners Network

roadmap2050.at

0

Forerunners Network is a German-language media platform based in Austria focusing on ESG (Environmental, Social, Governance) topics, infrastructure, and sustainability. It offers news articles, podcasts, videocasts, and a newsletter subscription service targeting an audience interested in sustainable development and innovation. The platform maintains a consistent brand presence and active social media engagement across multiple channels. Technically, the website runs on WordPress with the Bricks theme and uses plugins such as Borlabs Cookie for consent management and Podigee for podcast integration. However, the site lacks HTTPS, which is a critical security shortcoming. Security headers are minimal, and no incident response or security policies are publicly disclosed. Privacy compliance is supported by a comprehensive privacy policy and cookie consent mechanism. Overall, the website is functional and professional but requires urgent security improvements to protect user data and enhance trust.

D

d:code:it Ltd

dcodeit.com

0

d:code:it Ltd is a digital design and development studio specializing in transforming enterprises, particularly in the financial services sector. The company targets global banks and enterprises, offering innovative financial solutions, trading applications, and management consulting services. Their market position is that of a niche, specialized provider with a strong focus on complex UI and fintech applications. The website reflects a professional and consistent brand image with detailed leadership information and a comprehensive privacy policy demonstrating GDPR compliance. Technically, the website is hosted on AWS infrastructure using Amazon S3 and CloudFront CDN, with modern JavaScript and SVG animations enhancing user experience. However, the site suffers from an invalid SSL certificate and lack of modern TLS protocols, which significantly impacts its security posture. Privacy compliance is well addressed in the policy, but no explicit cookie consent mechanism is present. Overall, the site is functional and professional but requires urgent security improvements to ensure trust and compliance.

F

F/LIST

f-list.at

0

F/LIST is a well-established Austrian family business specializing in luxury interior outfitting for business jets, private jets, and high-end living spaces such as hotels. The company emphasizes craftsmanship, innovation, and premium materials, positioning itself as a global leader in the luxury interiors market. The website reflects a professional and consistent brand image with multilingual support and rich content tailored to its affluent target audience. Technically, the site is built on WordPress with modern plugins and libraries, hosted on Hostinger with LiteSpeed server technology. However, the security posture is weakened by the absence of a valid SSL certificate and lack of modern TLS protocol support, which critically impacts secure communications. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and a clear privacy policy. Contact information is transparent and includes multiple channels, enhancing business credibility. Overall, the site is functional and professional but requires urgent security improvements to meet modern standards.

P

PennWhite

pennwhite.co.uk

0

PennWhite is a mature, medium-sized global manufacturer specializing in foam control agents and chemical solutions, operating as a subsidiary of Manali Petrochemicals Limited. The company serves a broad industrial audience with over 35 years of experience and a presence in 40+ countries. The website is a modern Angular-based single-page application hosted on AWS infrastructure, demonstrating a good level of digital maturity with responsive design and professional branding. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security gap that undermines user trust and data protection. Privacy compliance is basic, with no cookie consent mechanism or explicit GDPR adherence visible. The company shows trustworthiness through certifications and corporate affiliations but should urgently address security shortcomings to improve its posture and compliance.

M

Medaprint Solutions Limited

mediaprint.design

0

Mediaprint Solutions Limited is a small UK-based company specializing in graphic design and print services, targeting businesses seeking professional branding and print solutions. The website is built on WordPress using the BeTheme and Revolution Slider plugins, hosted by IONOS SE. While the site presents a professional design and clear contact information, it lacks HTTPS support, which is a critical security deficiency. The absence of cookie consent mechanisms and limited privacy compliance indicators suggest room for improvement in regulatory adherence. Overall, the business appears legitimate with a mature domain age and consistent branding, but the technical and security posture requires enhancement to protect users and improve trust.

NCM - net communication management GmbH is a specialized digital marketing agency based in Salzburg, Austria, focusing on the tourism and hospitality sector. The company offers a comprehensive suite of services including SEO, SEA, social media marketing, web design, and proprietary tourism tools to enhance online presence and lead generation for hotels. The website is professionally designed, content-rich, and well-structured, targeting German-speaking tourism businesses. Technically, the site uses modern frameworks and CMS (Contao) but critically lacks a valid SSL/TLS certificate, exposing it to security risks and undermining user trust. Security headers are properly configured, but the absence of HTTPS significantly lowers the security posture. Privacy compliance is strong with clear GDPR-aligned policies and cookie consent mechanisms. Contact information is transparent and accessible, supporting business credibility. Overall, the site demonstrates strong business maturity and digital presence but requires urgent security improvements to protect users and maintain trust.

M

MERKUR GAMING

merkur-gaming.com

0

MERKUR GAMING is an international sales and development brand under the German-based Gauselmann Group, specializing in gaming machines, linked progressive jackpots, and related gaming products. The website targets B2B clients in the gaming industry, offering a portfolio of games, cabinets, and linked solutions. The company maintains a consistent and professional brand presence with active social media channels and a corporate website featuring product showcases and news updates. Technically, the website uses a traditional Apache server with a variety of JavaScript libraries including jQuery and Bootstrap, and integrates a Usercentrics consent management platform along with Matomo analytics for privacy-conscious tracking. However, the site lacks HTTPS encryption, which is a critical security vulnerability. Security headers are partially implemented, but the absence of SSL/TLS severely impacts the security posture. Privacy compliance is supported by a cookie consent mechanism and a basic privacy policy, though no explicit security or incident response policies are found. Overall, the website is functional and professional but requires urgent security improvements to protect user data and enhance trust.

S

SVD Büromanagement GmbH

svdgmbh.at

0

SVD Büromanagement GmbH is a medium-sized Austrian company specializing in providing comprehensive management and support services across multiple sectors including construction, procurement, IT, facility management, printing, information security, payroll, and legal services. The company primarily serves government and social insurance institutions, positioning itself as a key regional player with a strong focus on public sector needs. The website reflects a professional and consistent brand presence with clear navigation and relevant content tailored to its target audience of government agencies, suppliers, and job seekers. Technically, the site employs modern JavaScript libraries such as jQuery 3.6.0 and Jakarta Faces framework, hosted on Apache servers with a CMS likely based on Gentics. However, performance is slow and SSL/TLS security is critically lacking due to an invalid or missing certificate and disabled TLS protocols. Security headers are present but insufficient to compensate for the lack of HTTPS, resulting in a low security posture score. Privacy compliance is strong with comprehensive privacy and cookie policies and an active consent mechanism. Contact information is clearly provided, enhancing business credibility. Overall, the site is functional and professional but requires urgent security improvements to protect user data and build trust.

E

EBNER Industrieofenbau GmbH

ebner.cc

0

EBNER Industrieofenbau GmbH is a well-established global leader in manufacturing heat treatment furnace facilities for the steel, aluminum, and copper base metal industries. The company is family-owned, founded in 1948, and headquartered in Austria. Their website reflects a mature digital presence with multilingual support, professional content, and clear business information targeting industrial B2B customers. Technically, the site runs on WordPress with modern plugins and Cloudflare CDN, but suffers from critical SSL/TLS misconfiguration, lacking a valid HTTPS certificate and modern protocol support, which severely impacts security posture. Privacy compliance is well addressed with GDPR cookie consent and a comprehensive privacy policy. However, no explicit security policy or incident response information is publicly available, which could be improved to enhance trust. Overall, the site is professional and credible but requires urgent security upgrades to protect visitors and maintain reputation.

T

Tait Communications

taitradio.com

0

Tait Communications is a mature and established enterprise specializing in critical communication solutions for public safety, transportation, and utility sectors. With over 50 years of experience and a global presence headquartered in New Zealand, the company offers a comprehensive portfolio of products including broadband radios, P25 and DMR radios, network management software, and professional services such as implementation and training. The website reflects a professional and consistent brand image with rich content tailored to mission-critical communication users. Technically, the website is built on the HubSpot CMS platform, leveraging modern JavaScript libraries such as Splide.js and Swiper.js for interactive elements, and integrates Google Analytics 4 and Google Tag Manager for analytics and marketing. Hosting and CDN services are provided by Cloudflare, enhancing availability and security. However, the site currently lacks a valid SSL certificate and proper HTTPS configuration, which is a critical security concern. Security posture is weakened by the absence of valid TLS protocols and session resumption features, although some security headers like HSTS and Content Security Policy are present. Privacy compliance is supported by a comprehensive privacy policy and terms of service, but the lack of a cookie consent mechanism is a gap given the use of tracking technologies. Contact information is clearly provided with physical addresses and phone numbers, and social media presence is active on major platforms. Overall, while the business and content quality are excellent, the security deficiencies notably the missing SSL certificate, reduce the trustworthiness and security score. Strategic remediation of SSL and HTTPS issues, along with enhanced privacy controls, will significantly improve the website's security and compliance posture.

ZEGNA.com is the official online store for the luxury menswear brand ZEGNA, targeting discerning male customers seeking high-end designer clothing and accessories. The website offers a comprehensive product catalog with a strong focus on user experience, supported by modern web technologies such as Vue.js and Akamai CDN for performance and scalability. The site integrates multiple marketing and analytics tools to optimize customer engagement and business intelligence. However, a critical security gap exists due to the absence of a valid SSL certificate, which undermines the security posture and trustworthiness of the platform. Legal and privacy policies are well documented and accessible, indicating good compliance with GDPR and related regulations. Overall, the site presents a professional and trustworthy e-commerce experience but requires urgent remediation of its SSL/TLS configuration to meet modern security standards.

C

CCL Industries

cclind.com

0

CCL Industries is a global leader in specialty packaging and the largest label company worldwide, with headquarters in Canada and the USA. The company operates across multiple sectors including home & personal care, premium food & beverage, healthcare, automotive, and security, supported by subsidiaries such as Avery, Checkpoint, Innovia, CCL Design, and CCL Secure. Their website reflects a mature enterprise with comprehensive investor relations, sustainability initiatives, and corporate governance information. Technically, the site is built on WordPress with common plugins and libraries, hosted behind Cloudflare, but suffers from a lack of a valid SSL certificate, impacting security posture. The absence of HTTPS and security headers, along with no visible cookie consent mechanism, represents significant security and privacy compliance gaps. Overall, the site is professional and content-rich but requires urgent improvements in security configuration and privacy compliance to align with best practices.

X

XOLUTO

xoluto.at

0

XOLUTO is a small technology consulting firm based in Austria, specializing in digital strategy, sales and service process optimization, and AI strategy enablement. The website presents a professional and consistent brand image focused on delivering sustainable digital solutions to businesses. Technically, the site is built on a modern Angular framework and hosted on a provider associated with the domain's nameservers. However, the website lacks a valid SSL certificate and does not serve content over HTTPS, which significantly impacts its security posture. Security headers are minimal, and no advanced security practices are observed. Privacy compliance is poor, with no privacy or cookie policies detected, and no GDPR compliance indicators. Contact information is limited to phone icons and a contact page link, with no explicit emails or phone numbers visible. Overall, the site demonstrates moderate business credibility but requires urgent improvements in security and privacy to enhance trust and compliance.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

R

Rohde & Schwarz GmbH & Co. KG

rohde-schwarz.com

0

Rohde & Schwarz GmbH & Co. KG is a well-established global technology company specializing in test and measurement, technology systems, networks, and cybersecurity solutions. With a history spanning over 90 years and a strong family ownership model, the company serves industries, governments, and public authorities worldwide. Their product and service portfolio includes advanced measurement equipment, cybersecurity services, and technology systems designed to ensure security and connectivity. The website reflects a mature, professional enterprise with consistent branding and comprehensive content targeting technology professionals and institutional clients. Technically, the website employs modern JavaScript libraries such as RequireJS, Adobe Launch for tag management, and accessibility tools like UserWay. The site is well-structured with good SEO and accessibility practices, and it is mobile-optimized. However, a critical security gap is the absence of a valid SSL/TLS certificate and HTTPS support, which severely impacts the security posture and user trust. Security-wise, while the site implements several security headers and cookie protections, the lack of HTTPS and TLS protocols is a major vulnerability. No incident response or vulnerability disclosure information is publicly available, which could be improved. Privacy and cookie policies are comprehensive and GDPR compliant, reflecting good privacy practices. Overall, the website is professional and trustworthy from a business perspective but requires urgent security improvements to enable HTTPS and strengthen its security posture. Strategic recommendations include immediate SSL certificate deployment, enabling modern TLS protocols, and enhancing security header configurations to protect users and data integrity.

I

ICON Wirtschaftstreuhand GmbH

icon.at

0

ICON Wirtschaftstreuhand GmbH is a medium-sized Austrian professional services firm specializing in tax consulting, auditing, and international tax expertise. The company holds a strong market position, being ranked first in sustainability and machinery & plant engineering consulting by INDUSTRIEMAGAZIN in 2025. Their business model focuses on delivering comprehensive tax and audit services through nine specialized service lines supported by a global network and membership in WTS Global. The website reflects a professional and consistent brand image targeting businesses and private clients with international tax needs. Technically, the site is built on TYPO3 CMS, served via Apache and Amazon CloudFront CDN, and uses modern web technologies including Font Awesome and Google Tag Manager. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security shortcoming despite the presence of strong security headers and a content security policy. Privacy and cookie policies are present and GDPR compliant, with consent mechanisms implemented. Contact information is comprehensive and clearly presented. Overall, the site is well-designed and content-rich but requires urgent security improvements to enable HTTPS and strengthen its security posture.

M

Mavie Work GmbH

consentiv.com

0

Mavie Work GmbH operates as a healthcare-focused B2B service provider specializing in comprehensive corporate health programs, including mental health support, physical wellness, and coaching services primarily targeting Austrian and German companies. The company has a mature market presence with over 15 years of domain registration and 20 years of operational experience, supported by multiple regional locations and digital platforms. Technically, the website leverages modern frameworks such as Next.js and Contentful CMS hosted on Google infrastructure, indicating a contemporary digital maturity. However, the absence of a valid SSL certificate and HTTPS implementation represents a critical security vulnerability that undermines user trust and data protection. Privacy compliance is partially addressed with a privacy policy present but lacks visible cookie consent mechanisms. Overall, the website demonstrates good business credibility and content quality but requires urgent security improvements to meet industry standards and regulatory requirements.

P

Pacific National

pacificnational.com.au

0

Pacific National is Australia's largest private rail freight operator, providing comprehensive rail logistics services across the country. The company emphasizes safety, customer service, and operational excellence, serving a broad range of industries with extensive rail assets including locomotives and wagons. Their market position is strong as a trusted logistics partner with a large customer base and national presence. Technically, the website is built on WordPress hosted on WP Engine with Cloudflare CDN, utilizing common web technologies such as jQuery, Bootstrap, and Owl Carousel. The site is moderately optimized for performance and mobile responsiveness, with good SEO practices and structured data implemented for enhanced search visibility. From a security perspective, the site currently lacks a valid SSL certificate and does not support HTTPS, which is a critical vulnerability. Security headers are minimal, and advanced protections like HSTS and OCSP stapling are not enabled. While some security best practices like HttpOnly and Secure cookie flags are set, the overall security posture is weak and requires urgent improvement. Overall, the website is professional and content-rich but suffers from significant security shortcomings that impact user trust and compliance. Strategic improvements in SSL/TLS deployment and privacy compliance mechanisms are recommended to enhance security and regulatory adherence.

The website noda.at is currently inaccessible due to a DNS resolution error as indicated by the Cloudflare error page. This prevents access to any actual business content or services. The site lacks a valid SSL certificate and does not serve content over HTTPS, severely impacting security posture. No privacy, cookie, or terms of service policies are present, and no contact information or business details are available. The technical infrastructure relies on Cloudflare for DNS and security services but is misconfigured or incomplete, resulting in the site being blocked. Overall, the site is not operational and presents significant security and compliance gaps.

L

LGT Private Banking

lgt.com

0

LGT Private Banking is a well-established global private bank with over 100 years of history, specializing in wealth management and investment solutions for wealthy clients. The website reflects a professional and consistent brand image, targeting high-net-worth individuals and financial intermediaries. The business model focuses on private banking services, investment solutions, and sustainability-oriented wealth management. Technically, the website uses modern web technologies and is hosted on a reputable CDN provider, but suffers from critical SSL/TLS misconfiguration, impacting security and user trust. Security headers are well implemented, but the lack of HTTPS is a major vulnerability. Privacy compliance is partially met with a clear privacy policy but lacks a cookie consent mechanism despite tracking scripts. Overall, the website is content-rich, professionally designed, and trustworthy, but requires urgent security improvements.

B

BORBET GmbH

borbet-austria.at

0

BORBET GmbH is a large, internationally oriented family-owned manufacturer specializing in aluminum alloy wheels for the automotive industry and specialist trade. The company offers a comprehensive product range including a 3D wheel configurator and operates both B2B and B2C sales channels. The website reflects a professional and consistent brand presence with clear navigation and relevant content targeting automotive customers and partners. Technically, the site uses a custom CMS with common JavaScript libraries but lacks modern SSL/TLS security, which is a critical vulnerability. Privacy compliance is well addressed with a cookie consent mechanism and clear privacy policy. Contact information and social media presence enhance business credibility. However, the absence of a valid SSL certificate and TLS protocols significantly undermines the security posture, exposing users to risks. Strategic improvements in SSL deployment and security best practices are urgently recommended.

S

Semantic Web Company

semantic-web.com

0

Semantic Web Company is a technology provider specializing in semantic AI solutions, including text mining, recommender systems, and data fabric platforms. Headquartered in Austria with subsidiaries in the US and UK, the company offers the PoolParty Semantic Suite as its flagship product. The website is professionally designed using WordPress with modern plugins and SEO optimizations, targeting businesses seeking advanced AI-driven knowledge management solutions. However, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security concern. Security headers are partially implemented, but TLS protocols are not enabled, exposing the site to potential risks. Privacy and cookie policies are present and GDPR compliant, with a functional consent mechanism. Contact is primarily via a web form, with no direct emails or phone numbers publicly listed. The domain registration data aligns well with the business claims, indicating legitimacy. Overall, the site demonstrates good business credibility and technical maturity but requires urgent security improvements.

E

Excellence AG

excellence.ag

0

Excellence AG is an international technology partner specializing in engineering and IT services with a strong focus on green technology and sustainability. The company operates multiple offices across Germany and the Netherlands, offering green tech job opportunities and supporting sustainable projects in energy and transportation sectors. Their website is professionally designed, content-rich, and targets professionals interested in green technology careers and partnerships. Technically, the website is built on modern frameworks such as Nuxt.js and Vue.js, integrated with Google Tag Manager and social login plugins for LinkedIn and Xing. The hosting appears to be on AWS infrastructure. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security shortfall. Performance metrics are not available, but the site shows good mobile optimization and SEO practices. From a security perspective, the absence of HTTPS and modern TLS protocols significantly lowers the security posture. No advanced security headers or incident response policies are evident. Privacy compliance is partially met with a comprehensive privacy policy and GDPR consent statements on forms, but no cookie consent mechanism is detected. Business credibility is supported by ISO 9001 certification, multiple office locations, and professional content. Overall, the website presents a trustworthy and professional business front but requires urgent security improvements, especially enabling HTTPS and enhancing security headers, to protect user data and improve trustworthiness. Strategic recommendations include SSL implementation, security header enhancements, and adding explicit cookie consent mechanisms to align with privacy regulations.

S

System Industrie Electronic GmbH

sie.at

0

System Industrie Electronic GmbH (S.I.E) is a market-leading specialist in the development and manufacturing of embedded and cyber-physical systems. The company offers a comprehensive portfolio of services including ideation, engineering, production, and quality lifecycle management, targeting industrial clients requiring customized embedded solutions. The website reflects a mature digital presence with professional design, clear navigation, and multilingual support. Technically, the site is built on WordPress with modern plugins and integrations such as Google Analytics, Google Tag Manager, and OneSignal push notifications. However, the security posture is weakened by the absence of a valid SSL certificate and disabled TLS protocols, which poses a significant risk to data confidentiality and user trust. Privacy compliance is well addressed with comprehensive cookie consent mechanisms and GDPR-aligned privacy policies. Overall, the business demonstrates strong credibility and market positioning, but urgent improvements in SSL/TLS configuration are necessary to enhance security and trust.