Security Directory

S

Stork

stork.com

0

Stork is an established industrial services company focused on asset management, maintenance, and consultancy primarily in the energy and process industries. Recently acquired by Bilfinger, Stork operates under its umbrella in several key countries including Belgium, the Netherlands, Germany, and the USA. The website presents a comprehensive overview of their services and global presence, targeting industrial clients seeking lifecycle asset support. Technically, the site uses modern React technology but suffers from slow load times and lacks a valid SSL certificate, which impacts its security posture. Privacy compliance is well addressed with clear cookie and privacy policies including consent mechanisms. However, explicit contact details like emails and phone numbers are not readily available, relying mainly on contact forms. Overall, the site is professional and trustworthy but would benefit from improved security configurations and performance optimizations.

N

NCR Corporation

ncr.com

0

The website for ncr.com serves as a landing page announcing the corporate split of NCR Corporation into two distinct entities: NCR Voyix and NCR Atleos. NCR Voyix focuses on providing digital commerce solutions to retailers and restaurants globally, while NCR Atleos specializes in expanding financial access through self-service channels and ATM network services. The site targets business clients in retail, restaurant, and financial sectors, positioning itself as a leading enterprise in technology-driven commerce and financial services. Technically, the site is built using Webflow CMS, hosted behind Cloudflare, and employs jQuery and Google Fonts. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security shortfall. Security headers are present but insufficient without proper SSL/TLS configuration. No privacy, cookie, or terms of service policies are found, and no contact information or forms are provided, limiting user engagement and compliance transparency. Overall, the site demonstrates good design and branding consistency but requires significant improvements in security and privacy compliance to meet enterprise standards.

The website amsc-windtec.com currently serves only a parking or under construction page with no active business content or services presented. The domain lacks DNS records and a valid SSL certificate, resulting in no HTTPS support and poor security posture. The site includes third-party ad scripts from suspicious domains, further reducing trustworthiness. There is no privacy policy, cookie policy, terms of service, or contact information available, indicating a lack of compliance and transparency. Overall, the site does not represent an active or legitimate business presence online. From a technical perspective, the infrastructure is minimal and outdated, with no modern security protocols or performance optimizations. The absence of DNS records and SSL suggests the domain is parked or abandoned. The site is not mobile optimized and lacks accessibility and SEO best practices. Security evaluation reveals critical vulnerabilities including no HTTPS, no security headers, and no incident response or data protection policies. The presence of third-party ad scripts without consent mechanisms raises privacy concerns. The domain's WHOIS data is incomplete or unavailable, limiting trust and legitimacy assessments. Given these findings, the overall risk is high for users attempting to interact with this domain. Strategic recommendations include obtaining a valid SSL certificate, configuring DNS properly, removing third-party ad scripts, and developing a compliant, content-rich website with clear business and contact information.

C

Caterpillar Energy Solutions GmbH

mwm.net

0

MWM, operating under Caterpillar Energy Solutions GmbH, is a well-established company specializing in highly efficient and environmentally friendly combined heat and power plants and block heating power plants. With over 150 years of experience, the company offers a broad portfolio of gas engines and power generation solutions targeting industrial, commercial, and public utility sectors globally. The website reflects a mature digital presence with comprehensive product and service information, supported by a global service and sales network. Technically, the site is built on WordPress with common libraries and plugins, but suffers from a critical lack of a valid SSL certificate, which severely impacts its security posture. Privacy policies and GDPR compliance are well addressed, and contact is primarily via web forms. Overall, the site is professional and trustworthy but requires urgent security improvements.

C

Chez Bruce

chezbruce.co.uk

0

Chez Bruce is a small, established restaurant business located in the United Kingdom with a mature domain age of 21 years. The website provides basic information about the restaurant, its food and wine offerings, booking options, and contact details. The business targets local diners and visitors seeking a fine dining experience. The website uses WordPress CMS with jQuery and integrates a third-party booking widget from SevenRooms. However, the technical infrastructure lacks modern security measures, notably the absence of a valid SSL certificate and HTTPS, which significantly impacts user trust and security. The website content is minimal and lacks privacy and cookie policies, indicating poor compliance with data protection regulations. Contact information is clearly presented but limited to phone numbers and a physical address, with no company email addresses found.

The website falstaff.at is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) block, presenting a security challenge page instead of actual business content. This prevents a full assessment of the company's online presence, business model, or services. The domain is registered and has DNS records consistent with operational email infrastructure, but no valid SSL certificate is installed, and HTTPS is not properly configured. The lack of visible content, contact information, or compliance policies indicates a very limited digital footprint at this time. Technically, the site relies on Cloudflare for security and hosting services but fails to implement essential security best practices such as valid SSL/TLS, HSTS, and OCSP stapling. Performance and accessibility cannot be evaluated due to the blocked content. The presence of Cloudflare Insights indicates minimal analytics tracking. From a security perspective, the absence of HTTPS and the presence of a WAF block significantly reduce the trustworthiness and usability of the site. No privacy, cookie, or terms of service policies are found, and no contact or incident response information is available. The domain registration data appears consistent and legitimate but lacks detailed WHOIS information to confirm domain age or registrant identity. Overall, the site scores very low on content quality, technical implementation, security posture, privacy compliance, and business credibility due to the blocking and missing information. Strategic recommendations include resolving SSL issues, publishing essential policies, providing clear contact information, and ensuring the site is accessible to legitimate users to improve trust and compliance.

The website pgkengineering.com is currently inactive and displays a Squarespace default expiration notice indicating the account has expired. No business content, contact information, or policies are present, making it impossible to assess the company's services, market position, or target audience. The technical infrastructure is minimal, relying on Squarespace hosting with no SSL certificate configured, resulting in an insecure HTTP-only site. Security posture is weak due to lack of HTTPS, missing security headers, and no modern TLS protocols enabled. Overall, the site is non-functional and does not provide any business or security assurances. Strategic recommendations include renewing the hosting account, implementing HTTPS with a valid SSL certificate, and publishing essential business and compliance information to restore trust and functionality.

wengermayer business consulting is a small Austrian consulting firm specializing in human-centric organizational development, communication culture, conflict management, and personnel development. Their services focus on supporting businesses where human interaction and development are central. The website is built on Contao CMS and hosted on an Apache server with Ubuntu, using various JavaScript libraries for UI enhancements. However, the site lacks HTTPS, which is a critical security vulnerability. Cookie consent is implemented via Cookiebot, indicating awareness of privacy compliance. Social media presence on XING, LinkedIn, Facebook, and Twitter supports business credibility. Overall, the technical infrastructure is basic with room for modernization and security improvements.

F

FLSmidth A/S

flsmidth.com

0

FLSmidth A/S is a global leader in mineral processing equipment and services, serving the mining industry with a comprehensive portfolio of products, parts, and digital solutions. The company emphasizes sustainability through its MissionZero program, aiming for zero-emissions mining by 2030. The website is built on a modern Next.js framework and hosted on Vercel, reflecting a mature digital infrastructure. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS enforcement, which significantly impacts the site's security posture. Despite this, the site provides extensive business and investor information, clear contact details, and demonstrates good privacy compliance with comprehensive legal pages. Overall, the site is professional and trustworthy but requires urgent security improvements to protect user data and enhance trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

W

Wipro

wipro.com

0

Wipro is a mature, global enterprise specializing in digital transformation and IT services, offering a broad portfolio including cloud, AI, cybersecurity, and consulting. The website reflects a professional and content-rich digital presence targeting enterprise clients worldwide. Technically, the site uses modern marketing and analytics technologies and is hosted on AWS with Adobe Experience Manager CMS. However, critical security issues exist due to an invalid SSL certificate and lack of modern TLS protocol support, which significantly impacts the security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site demonstrates strong business credibility but requires urgent remediation of SSL and TLS configurations to ensure secure user interactions.

ج

جامعة الملك سعود

ksu.edu.sa

0

King Saud University is a large, well-established academic institution in Saudi Arabia, founded in 1957. It offers comprehensive educational and research services and holds a strong market position as one of the largest universities globally by area. The website is built on Drupal 9 with modern frontend technologies and provides rich content primarily in Arabic with English support. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security flaw that undermines user trust and data protection. Privacy and cookie policies are present, but no explicit security or incident response policies were found. The university maintains a strong digital presence with official social media channels and mobile applications. Overall, the website is professional and content-rich but requires urgent security improvements to meet modern standards.

D

Dr. Andreas Riedler Facharzt für HNO, Kopf- und Halschirurgie

der-hno-arzt.at

0

Dr. Andreas Riedler operates a specialized ENT medical practice based in Wels, Austria, providing comprehensive ear, nose, and throat healthcare services including examinations, therapies, and surgeries. The website targets local patients seeking trusted medical care and emphasizes personalized patient relationships and appointment scheduling. Technically, the website is built on a CMS platform (ZMS) with standard web technologies and integrates Matomo analytics for user behavior tracking with privacy opt-out features. However, the absence of a valid SSL certificate and lack of modern TLS protocols represent significant security weaknesses that undermine user trust and data protection. Privacy and cookie policies are present but basic, and no terms of service or incident response policies are published. Overall, the website is functional and professionally presented but requires urgent security improvements to meet modern standards.

R

Raiffeisen Informatik GmbH & Co KG

raiffeiseninformatik.at

0

Raiffeisen Informatik GmbH & Co KG is a well-established IT service provider specializing in comprehensive IT solutions for financial and insurance sectors, with over 50 years of experience and a strong presence in Austria and neighboring countries. The company offers a broad range of services including data center operations, security services, IT consulting, and banking and insurance solutions. Their business model focuses on close collaboration with clients from planning through operation, supported by a large workforce and significant annual revenue. Technically, the website is built on WordPress with Apache server infrastructure and uses Cloudflare for DNS, but critically lacks a valid SSL certificate, exposing it to security risks. Security headers are implemented, but without HTTPS the security posture is severely weakened. Privacy compliance is basic with no visible cookie consent or incident response information. Overall, the website is professional and content-rich, but the lack of HTTPS is a major security concern that must be addressed urgently.

S

SonnenMoor

sonnenmoor.at

0

SonnenMoor is an established Austrian family-owned business specializing in natural health products and remedies, operating since 1972. The company leverages a Shopify-based e-commerce platform to serve both retail consumers and business partners, with a strong focus on natural, herbal, and moor-based products. The website is professionally designed, content-rich, and provides comprehensive contact and support information, including personal consultation services. Technically, the site uses modern e-commerce technologies and integrates multiple marketing and analytics tools with GDPR-compliant consent mechanisms. However, a critical security issue is the lack of a valid SSL certificate and disabled TLS protocols, which significantly impacts the security posture and user trust. The domain registration data aligns well with the business claims, indicating legitimacy and consistency. Strategic improvements in SSL/TLS configuration are essential to enhance security and trust.

T

Tulsa Public Schools

tulsaschools.org

0

Tulsa Public Schools operates a comprehensive public education system serving a large student population in Tulsa, Oklahoma. The website provides extensive resources for students, families, educators, and community members, including enrollment information, academic programs, family support, and career opportunities. The district positions itself as a community-focused organization committed to equity, excellence, and student success. Technically, the site leverages modern analytics and marketing tools, a reputable CMS (Finalsite), and Cloudflare for hosting and security. However, a critical security gap exists due to the absence of a valid SSL certificate, which undermines the secure delivery of content and user trust. Privacy and cookie policies are not explicitly found, indicating potential compliance gaps. Overall, the site is professional and trustworthy but requires urgent security improvements to meet modern standards.

KWR Karasek Wietrzyk Rechtsanwälte GmbH is a leading Austrian law firm specializing in Wirtschaftsrecht (business law) with over 20 years of experience. The firm offers a broad range of legal services including construction law, intellectual property, dispute resolution, and more, targeting national and international corporate clients. The website is professionally designed, content-rich, and well-structured, reflecting the firm's strong market position and reputation supported by multiple industry recognitions such as Chambers and Legal 500. Technically, the site is built on TYPO3 CMS with modern frontend frameworks and includes user privacy mechanisms like cookie consent and optional Matomo analytics. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap, exposing users to risks and undermining trust. Security headers are partially implemented but require enhancement. Overall, the site demonstrates good privacy compliance and business credibility but must urgently address its SSL/TLS configuration to improve security posture and user trust.

Q

Quest Global

quest-global.com

0

Quest Global is a well-established global engineering services provider with over 21,000 employees across 18 countries and 84 centers. The company specializes in delivering end-to-end engineering solutions across multiple industries including aerospace, automotive, healthcare, and energy. Their business model focuses on B2B partnerships with large enterprises, leveraging digital and embedded engineering expertise to solve complex engineering challenges. The website reflects a professional and comprehensive digital presence with strong branding and trusted partnerships with major technology companies such as NVIDIA, Microsoft, AWS, and Google Cloud. Technically, the website is built on WordPress with Elementor and hosted on WP Engine behind Cloudflare CDN. It uses modern marketing and analytics tools like HubSpot and Google Tag Manager. However, performance metrics are not provided, and the site shows signs of slow loading. Mobile optimization and SEO are good, but accessibility is basic. From a security perspective, the site has several strong security headers implemented, but critically lacks a valid SSL/TLS certificate and does not support any TLS protocols, which is a major vulnerability. This significantly reduces the security posture and exposes users to risks. Privacy compliance is good with clear privacy and cookie policies and consent mechanisms in place, but no explicit security policy or incident response contacts are found. Overall, the website is professional and credible but urgently needs to address its SSL/TLS configuration to ensure secure communications and improve trustworthiness. Strategic recommendations include obtaining a valid SSL certificate, enabling modern TLS protocols, enhancing security headers, and publishing explicit security and incident response policies.

C

CMC Markets

cmcmarkets.com

0

CMC Markets is a well-established global online trading platform founded in 1989, offering leveraged trading on a wide range of financial instruments including forex, indices, commodities, cryptocurrencies, shares, ETFs, and bonds. The company operates multiple trading platforms such as MetaTrader 4, MetaTrader 5, TradingView integration, and its proprietary web and mobile platforms, serving over 1.5 million global clients. It is a FTSE 250 listed company with a strong market position and multiple regulatory licenses, including in Bermuda and the UK. The website is professionally designed, content-rich, and targets retail and institutional traders worldwide. Technically, the website is built on modern frameworks like Next.js and hosted on Vercel, with good mobile optimization and SEO practices. The platform supports multiple device types and integrates third-party services for enhanced user experience and marketing. However, the SSL certificate is currently invalid or missing, which is a critical security concern. Security headers are partially implemented, and there is no evidence of advanced security policies or incident response information on the site. The security posture is moderate with room for improvement, especially in SSL configuration and additional security headers. Privacy and cookie policies are present and indicate GDPR compliance, with clear consent mechanisms. Contact information is comprehensive, including phone, email, and physical addresses in multiple countries. The company demonstrates strong business credibility through trust indicators such as awards, Trustpilot reviews, and regulatory compliance. Overall, CMC Markets presents a professional and trustworthy online trading service with a mature digital presence. Addressing the SSL certificate issue and enhancing security headers would significantly improve the security posture and user trust.

Weatherford's PetroVisor website presents a mature and comprehensive SaaS platform focused on unifying data and analytics for the energy sector, specifically oil and gas production optimization. The platform integrates AI/ML capabilities and offers multiple modules addressing production, artificial lift, completion optimization, ESG, and enhanced oil recovery. The website is professionally designed, content-rich, and targets enterprise-level energy industry professionals. Technically, the site uses a modern tech stack including Kentico CMS, jQuery, and various analytics and marketing tools. However, a critical security gap exists as the site lacks a valid SSL certificate and does not serve content over HTTPS, exposing users to potential risks. Privacy and cookie policies are present and indicate GDPR compliance, but no explicit security incident response or vulnerability disclosure information is found. Overall, the domain registration data supports the legitimacy and maturity of the business. Strategic security improvements are necessary to enhance trust and protect user data.

M

MPG GmbH

michael-pachleitner-group.com

0

MPG GmbH is an established Austrian eyewear company specializing in manufacturing and retail of optical frames and lenses, serving both B2B and B2C markets. The company operates multiple subsidiaries and maintains a professional online presence with multilingual support and structured data. Technically, the website is built on WordPress using Elementor and Yoast SEO, integrating marketing tools such as Google Tag Manager and Facebook Pixel. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security gap, exposing users to potential risks. Privacy compliance is partially addressed with a comprehensive privacy policy but lacks a cookie consent mechanism. Overall, the business demonstrates credibility and maturity, but security posture requires urgent improvement to align with best practices.

Security assessment completed with an overall score of 0/100 (unknown risk). 3 critical issues require immediate attention. Total of 29 security findings identified across all modules.

L

Lidl Österreich

lidl.at

0

Lidl Österreich operates a comprehensive retail website offering a wide range of products including food, household items, garden supplies, fashion, and more. The site features extensive promotional content, including weekly offers and loyalty programs such as Lidl Plus. The company holds a strong market position in Austria as a leading discount supermarket chain, supported by a consistent and professional brand presence. Technically, the website employs modern technologies like Vue.js and is hosted on a robust infrastructure with Akamai DNS services. However, a critical security issue is the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the site's security posture. Despite this, the site implements several security headers and content security policies, indicating a focus on security best practices. Privacy compliance is well addressed with clear privacy and cookie policies, including consent mechanisms. Overall, the site is professional and trustworthy but must urgently address the SSL deficiency to ensure secure user interactions.

O

OC Oerlikon Management AG

oerlikon.com

0

OC Oerlikon Management AG is a global industrial technology leader specializing in surface technologies, advanced materials, and additive manufacturing solutions. The company serves key growth markets including automotive, aerospace, energy, tooling, and luxury sectors through a portfolio of subsidiaries and partner brands. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistency. However, the technical infrastructure shows critical security weaknesses, notably the absence of a valid SSL certificate and HTTPS support, which poses significant risks to user trust and data security. Privacy compliance is well addressed with a robust cookie consent mechanism and clear privacy policies. Overall, the business demonstrates high legitimacy and market positioning but requires urgent improvements in security posture to align with best practices.

G

GTech Automatisierungstechnik GmbH

gtech.at

0

GTech Automatisierungstechnik GmbH is a medium-sized Austrian company specializing in automation technology, providing complex measurement, alignment, testing, and assembly systems primarily for large series production. The company has a strong market position as an innovator and specialist with over 20 years of experience, serving industrial clients worldwide. Their website is professionally designed and provides comprehensive information about their services and values. Technically, the site is built on the Wix platform using modern frameworks like React, but lacks a valid SSL certificate, which is a critical security concern. The security posture is basic with some security headers present but no HTTPS, exposing the site to potential risks. Privacy compliance is good with clear privacy and cookie policies, and contact information is readily available. Overall, the site is trustworthy but needs urgent security improvements to protect user data and enhance credibility.

Merit Group Limited is a UK-based B2B data and intelligence company specializing in technology-driven data capture and analysis to provide high-quality business and political intelligence. The company operates through subsidiaries including Dods Group Limited and Merit Data & Technology Limited, serving clients primarily in the UK and Europe. The website presents a professional image with clear business descriptions and subsidiary links, targeting business clients seeking data intelligence solutions. Technically, the site is built on WordPress, hosted on WP Engine with Cloudflare CDN, and uses common plugins and libraries such as jQuery and Genesis Blocks. However, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security deficiency. Privacy and cookie policies exist but lack advanced consent mechanisms, and no incident response or security policies are published. Overall, the site is functional and informative but requires urgent security improvements to protect user data and enhance trust.

The website esab.com is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) block, which prevents access to any substantive content. As a result, no business-specific information, contact details, or policy documents are available for analysis. The site is protected by Cloudflare, but lacks a valid SSL certificate and modern TLS support, indicating a weak security posture. The DNS configuration shows standard use of Azure DNS and Outlook mail protection, but no advanced DNS security features such as DNSSEC or CAA are enabled. Overall, the site’s digital maturity and security posture are limited by the lack of accessible content and missing HTTPS encryption. Strategic improvements are necessary to enable secure access and provide transparency to visitors.

Y

YES BANK

yesbank.in

0

YES BANK is a major Indian financial institution providing a range of banking services including retail, corporate, and investment banking. The website content analyzed is minimal and primarily technical, with no visible privacy or cookie policies, contact information, or user-facing content. The domain and DNS data confirm the legitimacy of the bank's online presence. Technically, the site uses Oracle Cloud infrastructure and Akamai CDN, with multiple third-party analytics and advertising integrations. However, the absence of a valid SSL certificate is a critical security flaw, severely impacting the site's security posture and user trust. Security headers are well configured but cannot compensate for the lack of HTTPS. Privacy compliance is poor due to missing policies and consent mechanisms. Overall, the site requires urgent remediation of SSL issues and improved transparency in privacy and contact information to meet industry standards.

C

COLOP Stempelerzeugung Skopek Gesellschaft m.b.H. & Co. KG

colop.com

0

COLOP Stempelerzeugung Skopek Gesellschaft m.b.H. & Co. KG is a well-established Austrian manufacturer specializing in stamps and marking solutions with a global footprint. Founded in 1981, the company operates multiple subsidiaries worldwide and offers a broad range of products including traditional stamps, mobile printing devices, and creative arts and crafts stamps. Their business model combines manufacturing with e-commerce and partner distribution, targeting both professional and creative markets. The website reflects a professional and comprehensive digital presence with strong branding and content quality.

D

DHK

dhk.be

0

DHK is a Belgian company specializing in aluminum and composite building materials, offering a range of products including aluminum profiles, pergolas, carports, and custom folded sheet metal work. The company targets both professional and private customers in the construction and renovation sectors, providing online configurators and a digital showroom to enhance customer experience. The website reflects a medium-sized business with a consistent brand presence and active social media engagement. Technically, the site is built on a Ruby on Rails framework, hosted on OVH infrastructure, and uses modern marketing tools such as Google Tag Manager and ActiveCampaign. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap, exposing users to potential risks. Security headers are partially implemented but some important protections like X-XSS-Protection are disabled. Privacy and cookie policies exist but lack explicit consent mechanisms, which may impact GDPR compliance. Overall, the website is functional and professional but requires urgent security improvements to protect user data and enhance trust.

N

Nixplay Frames | #1 Selling Digital Picture Frame | On Sale

nixplay.com

0

Security assessment completed with an overall score of 0/100 (unknown risk). 3 critical issues require immediate attention. Total of 22 security findings identified across all modules.

The website espon.eu is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) block, which prevents access to any substantive content. As a result, no business-related information, contact details, or policies are available for analysis. The site is protected by Cloudflare, but it lacks a valid SSL/TLS certificate, which is a critical security deficiency. DNS records are properly configured with multiple A and AAAA records, MX records pointing to Outlook protection, and a valid SPF record, indicating a legitimate email setup. However, the absence of DNSSEC and CAA records slightly reduces trust. Overall, the website's security posture is weak due to missing HTTPS and modern TLS protocols, and the lack of visible privacy or cookie policies indicates poor compliance with data protection standards. The site’s technical infrastructure relies on Cloudflare for hosting and security, but the current blocking status severely limits usability and trust.

The website at discovery.com currently presents only a minimal 'Not found' page with no accessible content, metadata, or business information. The domain is registered and hosted on Amazon AWS infrastructure, but the lack of valid SSL/TLS configuration and absence of HTTPS severely undermines the site's security posture. No privacy, cookie, or terms of service policies are present, and no contact or social media information is available, indicating the site is either under construction or improperly configured. From a technical perspective, the site suffers from very slow load times despite minimal content, no modern web technologies detected, and no SEO or accessibility features implemented. Security best practices are absent, with no security headers, no HSTS, and no certificate transparency compliance. The DNS setup appears legitimate with multiple MX and NS records, but the invalid SSL certificate and lack of HTTPS are critical vulnerabilities. Overall, the site is not currently functional or trustworthy for users or business partners. The absence of content and security controls poses significant risks and undermines credibility. Immediate remediation is required to install a valid SSL certificate, enable HTTPS, and deploy basic website content and policies to establish trust and compliance.

C

Welcome to Constantia Flexibles

cflex.com

0

Security assessment completed with an overall score of 0/100 (unknown risk). 4 critical issues require immediate attention. Total of 27 security findings identified across all modules.

I

Istmobil

istmobil.at

0

Istmobil.at is an independent informational website focused on providing detailed reviews, guides, and affiliate referrals related to mobile casinos and online gambling targeted at Austrian players. The site offers comprehensive content on casino apps, bonuses, payment methods, and gaming options, positioning itself as a niche media player in the online gambling affiliate space. Technically, the site is hosted behind Cloudflare and uses standard web technologies including HTML5, CSS3, and JavaScript, with Google Fonts for typography. However, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical security deficiency. This significantly impacts the site's security posture and user trust. Privacy compliance is minimal, with no visible cookie consent mechanism and only basic privacy and terms of service pages linked in the footer. The site uses Matomo analytics and affiliate marketing links to partner casino domains. Overall, while content quality and business credibility are moderate to good, the lack of HTTPS and modern security practices present a major risk. Strategic improvements in security and privacy compliance are essential to enhance trust and protect users.

T

Therefore Corporation

therefore.net

0

Therefore Corporation operates a comprehensive information management platform targeting businesses across multiple industries. The company positions itself as a market leader in ECM and workflow automation, offering a wide range of software solutions designed to improve document management, workflow digitization, and data accessibility. Their website reflects a mature digital presence with professional design, rich content, and clear navigation. Technically, the site is built on WordPress with modern optimization plugins and uses Google Tag Manager for analytics. However, the absence of a valid SSL certificate is a significant security gap, undermining the otherwise strong security headers and policies. Privacy compliance is well addressed with GDPR-aligned policies and consent mechanisms. Overall, the business credibility is high, supported by certifications, partner relationships, and extensive case studies.

T

twinformatics GmbH

twinformatics.at

0

twinformatics GmbH is a medium-sized Austrian IT service provider specializing in software development and operation for major insurance companies such as Wiener Städtische Versicherung AG and Vienna Insurance Group. The company positions itself as a strong IT partner with end-to-end responsibility for innovative software solutions trusted by thousands of users. The website is professionally designed, primarily in German, targeting IT professionals and potential employees. Technically, the site runs on WordPress with modern PHP and uses several plugins for enhanced functionality. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap, despite the presence of HSTS headers. Privacy compliance is well addressed with cookie consent mechanisms and a comprehensive privacy policy. The security posture is basic and requires immediate improvements in SSL/TLS configuration and vulnerability disclosure practices. Overall, the website reflects a credible and professional business but needs technical security enhancements to align with best practices.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 9 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

E

Emerson Electric Co.

flexim.com

0

The website flexim.com serves as a comprehensive brand page for Flexim, a division of Emerson Electric Co., specializing in non-intrusive, clamp-on ultrasonic flow meters for liquids, gases, and steam. The site positions Flexim as an industry leader with a strong focus on industrial and energy sectors, offering a wide range of products, services, and customer support resources. The content is rich, professionally designed, and well-structured, targeting industrial customers and professionals seeking advanced flow measurement solutions. Technically, the site employs modern web technologies including Bootstrap, Google Tag Manager, and Visual Website Optimizer, hosted behind Cloudflare for performance and security. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, significantly impacting the site's security posture. Privacy and compliance measures are well addressed with clear privacy and cookie policies, and incident response channels are available. Overall, the site demonstrates high business credibility and digital maturity but requires urgent remediation of its SSL/TLS configuration to ensure secure user interactions and maintain trust.

P

PXP Financial

pxpfinancial.com

0

PXP Financial is a UK-based payment technology company offering a unified commerce platform that simplifies global payments and commerce operations. The company targets a broad range of industries including retail, hospitality, gaming, and travel, providing services such as point of sale, eCommerce, acquiring, and cross-border payments. Their platform emphasizes intelligent payment routing, real-time business intelligence, and self-service capabilities, positioning them as a modern and innovative player in the payment solutions market. Technically, the website is built on HubSpot CMS with integrations of popular marketing and analytics tools such as Google Analytics, Hotjar, and Cookiebot for privacy compliance. However, the security posture is weakened by the absence of a valid SSL certificate and lack of modern TLS protocol support, which is a critical issue for a financial services provider. The domain registration is consistent and mature, registered with a reputable UK registrar, and the business is FCA authorized, enhancing credibility. Overall, the website is professional and content-rich but requires urgent improvements in SSL/TLS security to meet industry standards and protect user data.

Genuine Parts Company is a well-established global leader in the distribution of automotive and industrial replacement parts, founded in 1928. The company operates extensively across North America, Europe, and Australasia with a large workforce and numerous locations. Their business model focuses on providing quality parts and value-added solutions through a network of subsidiaries and partner brands such as NAPA and Motion. The website reflects a mature corporate presence with investor relations, sustainability reporting, and career opportunities prominently featured. Technically, the site is built on WordPress with common libraries and frameworks, and is hosted behind Cloudflare. However, the lack of a valid SSL certificate and HTTPS implementation is a critical security gap that undermines user trust and data protection. Privacy compliance is addressed through a OneTrust cookie consent mechanism and a comprehensive privacy policy, but no explicit terms of service or security policies are found. Overall, the site is professional and content-rich but requires urgent security improvements to meet modern standards.

Ö

Österreichische Gesundheitskasse

ooegkk.at

0

The Österreichische Gesundheitskasse (ÖGK) operates as a major public health insurance provider in Austria, delivering comprehensive health insurance services and support to insured individuals, employers, and contract partners. The website serves as an official portal offering information, appointment scheduling, customer service, and career opportunities, targeting Austrian residents and stakeholders in the healthcare sector. The digital presence is supported by a modern technology stack including Apache, Jakarta Faces, and jQuery, managed via a Gentics CMS platform, and hosted within the Austrian social insurance infrastructure. Despite a professional and content-rich website, the absence of a valid SSL certificate and HTTPS support significantly undermines the security posture. The site implements a strong Content Security Policy and cookie consent mechanisms, reflecting good privacy compliance, but the lack of HTTPS and TLS protocols is a critical vulnerability. Social media integration and clear contact information enhance trust and user engagement. Overall, the website is functional and credible but requires urgent security improvements to protect user data and comply with modern standards.

D

Dorotheum GmbH & Co KG

dorotheum.com

0

Dorotheum GmbH & Co KG operates the largest auction house in Central Europe, specializing in art, antiques, jewelry, and collectibles with over 300 years of experience. The company holds numerous auctions annually, both online and in physical salerooms, and offers additional services such as private sales and expert consultations. The website is professionally designed, content-rich, and targets collectors, buyers, and sellers in the art and luxury goods market primarily in Austria and surrounding regions. Technically, the site is built on TYPO3 CMS with modern frontend libraries and integrates analytics and marketing tools like Google Tag Manager and Facebook Pixel. However, the absence of a valid SSL certificate and lack of security headers represent significant security weaknesses. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. Overall, the site demonstrates strong business credibility but requires urgent improvements in security posture to protect user data and enhance trust.

Bühler Group is a well-established enterprise specializing in manufacturing and technology solutions primarily for the food processing and advanced materials industries. The company offers a broad portfolio of industrial solutions, including extrusion, milling, and process technologies, supported by global services such as maintenance, expert consulting, and training centers. Their website reflects a mature digital presence with consistent branding and comprehensive corporate governance information. Technically, the site is built on Adobe Experience Manager and hosted on AWS infrastructure with CloudFront CDN, leveraging modern marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and LinkedIn Insight Tag. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, severely impacting the site's security posture. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR consent mechanisms on forms. Overall, Bühler Group's website demonstrates strong business credibility and content quality but requires urgent improvements in SSL/TLS security to protect user data and enhance trust.

Irish Bank Resolution Corporation Limited (IBRC) is a financial institution currently in special liquidation, managing the orderly conclusion of its liquidation process. The website serves primarily as an informational portal to communicate the status of the liquidation, provide contact details, and notify stakeholders about deadlines for deeds of release and edischarges. The business operates under the supervision of the Central Bank of Ireland and is a successor to Irish Nationwide Building Society and Anglo Irish Bank Corporation Limited. The target audience includes creditors, impacted customers, and parties requiring documentation related to the liquidation. Technically, the website is built on Microsoft IIS with ASP.NET and uses Google Analytics for tracking. The hosting IP suggests Amazon AWS infrastructure. However, the site lacks a valid SSL/TLS certificate, serving content over HTTP only, which significantly impacts security posture. The site has basic design and content quality, reflecting its winding-down status, with limited interactivity and no forms. SEO and accessibility features are minimal. From a security perspective, the absence of HTTPS and security headers, lack of DNSSEC and CAA records, and no vulnerability disclosure policy indicate a low security maturity level. While no active vulnerabilities or malware were detected, the site is exposed to risks due to missing encryption and security best practices. Privacy compliance is partial, with a data protection notice available but no cookie consent mechanism despite use of Google Analytics. Overall, the website presents moderate business credibility but suffers from critical security shortcomings. Strategic improvements in SSL implementation, security headers, and privacy compliance are recommended to enhance trust and protect visitors. Given the nature of the business in liquidation, the website's limited functionality and content are understandable but should still meet basic security standards.

W

Wiener Privatbank

wienerprivatbank.com

0

Wiener Privatbank is a medium-sized Austrian private bank specializing in wealth and asset management, capital market investments, and real estate. The bank emphasizes personalized service, crisis-proof investment strategies, and trusted FATCA solutions. The website is built on a modern CMS platform (Craft CMS) with SEOmatic for SEO optimization and includes rich content and clear navigation targeting private banking clients and investors. However, the absence of a valid SSL certificate and HTTPS support is a critical security vulnerability that undermines user trust and data protection. While privacy policies are present and GDPR compliance appears addressed, no cookie consent mechanism or terms of service were found. Social media presence on Facebook, LinkedIn, and YouTube supports brand visibility. Overall, the website demonstrates good business credibility and content quality but requires urgent security improvements to protect users and enhance trust.

The website proz.com is currently inaccessible due to a Cloudflare security challenge page that requires JavaScript and cookies to proceed. This prevents access to any substantive content, including business information, policies, or contact details. The domain is registered and uses Cloudflare for DNS and security, with email services routed through Google and marketing integrations via HubSpot and SendGrid. However, the SSL/TLS configuration is invalid or missing, which is a critical security concern. No privacy or cookie policies are detectable, and no contact information is available on the challenge page. Overall, the site’s security posture is limited by the lack of valid HTTPS and the blocking of content by the WAF, resulting in a low trust and usability score.

W

Werner Mertz Professional

wmprof.com

0

Werner Mertz Professional is a medium-sized manufacturing company specializing in high-performance hygiene solutions for professional cleaning markets. With over 50 years of history and a strong commitment to sustainability, the company operates under well-known brands such as Green Care Professional and Tana Professional. The website reflects a mature digital presence with comprehensive content, professional design, and strong SEO practices. However, the lack of a valid SSL certificate and proper HTTPS configuration represents a significant security risk that undermines user trust and data protection. The company has implemented cookie consent mechanisms and privacy policies compliant with GDPR, indicating awareness of privacy regulations. Overall, the business is credible and well-positioned in its sector but must urgently address its security posture to meet modern standards.

R

Rosenfelt & West Engineering A/S

rwe.dk

0

Rosenfelt & West Engineering A/S is a Danish engineering company specializing in railway safety systems, including automatic secured level crossings and marshalling yard safety installations. The company offers comprehensive services such as equipment renovation, training courses, and career opportunities within the railway safety sector. Their market position is supported by certifications in environmental management, quality management, and railway safety standards, reflecting a commitment to reliability and compliance. Technically, the website is built on WordPress with common plugins and hosted on a LiteSpeed server, but lacks a valid SSL certificate, which is a significant security concern. The absence of HTTPS and related security headers exposes the site and its visitors to potential risks. Privacy compliance is partial, with a privacy policy present but no cookie policy or consent mechanism detected. Contact information is limited to a phone number and contact page link, with no email addresses or social media profiles found. Overall, the website is professional and content-rich but requires urgent security improvements to protect users and enhance trust.

S

Stefanel

stefanel.com

0

Stefanel is a European retail and e-commerce brand specializing in women's fashion, operating a multi-country website with localized country selectors. The business targets European consumers seeking stylish women's clothing. The website is built on the Salesforce Commerce Cloud (Demandware) platform and uses various marketing and analytics tools including Google Tag Manager, CQuotient, and LiveStory. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security flaw. Privacy compliance is partially addressed with a OneTrust cookie consent mechanism, but no privacy policy or terms of service are found on the splash page. Contact information is also absent, limiting user trust and support options.