Security Directory

U

Università degli Studi Internazionali di Roma - UNINT

unint.eu

0

Università degli Studi Internazionali di Roma - UNINT is a large, established higher education institution based in Italy, offering a wide range of undergraduate and graduate programs with a strong international focus. The website is professionally designed, content-rich, and targets students, faculty, and academic partners. The technical infrastructure is based on WordPress with modern plugins and frameworks, though performance is somewhat slow. Security posture is basic with critical issues such as an invalid SSL certificate and lack of security headers. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is trustworthy but requires immediate attention to SSL and security configurations to enhance user trust and data protection.

The website shi.com is currently inaccessible due to a Cloudflare Turnstile human verification challenge, which blocks direct access to content. This prevents a full assessment of the business and website content. The domain uses Microsoft Azure DNS and Mimecast mail servers, indicating a legitimate infrastructure setup. However, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical security deficiency. No privacy, cookie, or terms of service policies are visible, and no contact or business information is accessible on the landing page. Performance is very poor with an extremely high load time, likely due to the blocking mechanism. Overall, the site appears to be protected by Cloudflare's security mechanisms but lacks fundamental security configurations and visible business transparency.

The website remax-impuls.at appears to represent a small Austrian business, likely in the real estate sector given the domain name, but no explicit business information or content is accessible due to a security challenge page blocking direct access. The site employs a bot detection script and redirects users after a delay, indicating a Web Application Firewall or similar security mechanism is in place. Technically, the site is served by nginx and hosted under the citc.at domain infrastructure, but critically lacks a valid SSL certificate and HTTPS support, exposing it to security risks and reducing user trust. Security headers such as X-XSS-Protection, X-Frame-Options, and X-Content-Type-Options are present, but without HTTPS, these provide limited protection. No privacy, cookie, or terms of service policies are found, and no contact or business details are visible on the landing page. Overall, the site’s security posture is weak, and the lack of accessible content prevents a full business or technical assessment.

ABF Pharmaceutical Services GmbH, part of the GBA Group, specializes in providing comprehensive logistical support for clinical trials, including GMP-certified pharmaceutical services such as kit production, labeling, packaging, storage, and distribution. The company operates internationally with a strong presence in Europe, the USA, and Asia, serving pharmaceutical and biotechnology companies. Their technical infrastructure is modern, leveraging React and Gatsby frameworks hosted on Netlify, with content managed via Storyblok CMS. However, the website lacks a valid SSL/TLS certificate, which significantly impacts its security posture. While security headers are present, the absence of HTTPS and modern TLS protocols exposes the site to risks. Privacy compliance is partially addressed with a cookie consent mechanism but lacks comprehensive GDPR indicators. Overall, the business credibility is strong, supported by clear contact information, certifications, and consistent WHOIS data. Strategic improvements in SSL configuration and security policies are recommended to enhance trust and compliance.

D

Die Wiener Volkshochschulen GmbH

vhs.at

0

Die Wiener Volkshochschulen GmbH operates the largest adult education platform in Vienna, offering a wide range of courses including languages, health, arts, and professional development. The website is well-designed, content-rich, and targets adult learners, families, and seniors in Vienna. It maintains a strong market position as a non-profit educational institution with official certifications and a comprehensive course catalog. Technically, the site uses Apache server technology, JavaScript modules, and integrates Cookiebot for consent management and Matomo for analytics. Accessibility and SEO are well addressed, with responsive design and clear navigation. However, the security posture is weakened by the absence of a valid SSL certificate and disabled TLS protocols, which is a critical issue for user trust and data protection. Privacy compliance is strong with GDPR-aligned policies and consent mechanisms. Overall, the site is professional and trustworthy but requires urgent improvements in SSL/TLS security to enhance protection and user confidence.

Desmet is a well-established global engineering company specializing in custom plants and equipment for the food, feed, and biofuel industries. With a large workforce and multiple brands, it holds a strong market position supported by extensive experience and a professional digital presence. The website is content-rich, well-structured, and uses modern technologies, but critically lacks HTTPS/SSL, which severely impacts its security posture. While security headers are implemented, the absence of valid SSL/TLS and related configurations exposes the site to risks. Privacy compliance is partially addressed with visible privacy and cookie policies, but no explicit consent mechanism is detected. Business credibility is high due to clear branding, contact information, and WHOIS consistency. Strategic improvements in security infrastructure and incident response readiness are recommended.

S

Specialists in Green Roofs, Grass Roofs and Eco Roofs | Sky Garden

sky-garden.co.uk

0

Security assessment completed with an overall score of 0/100 (unknown risk). 3 critical issues require immediate attention. Total of 20 security findings identified across all modules.

S

Swimsol GmbH

swimsol.com

0

Swimsol GmbH is a specialized energy company focused on providing floating and rooftop solar photovoltaic (PV) systems primarily for island environments such as the Maldives. The company positions itself as a leader in solar-at-sea technology with over 35 islands operating their systems and a significant installed capacity. Their business model includes system design, installation, operation, maintenance, and financing options, targeting luxury resorts and small businesses in tropical regions. Technically, the website is built on WordPress with a modern tech stack including Fusion Builder and WP Rocket, but lacks a valid SSL certificate, which impacts security and user trust. The site is well-designed, mobile-optimized, and SEO-friendly, with comprehensive content and strong branding. However, the absence of HTTPS and security headers represents a critical security gap. Privacy compliance is addressed with visible policies and consent mechanisms. Overall, Swimsol demonstrates a strong market presence and professional online representation but should prioritize securing their website with HTTPS and enhanced security practices.

S

SigmaNEST

sigmanest.com

0

SigmaNEST is a well-established software provider specializing in CAD/CAM nesting and manufacturing automation solutions. The company offers a comprehensive suite of products designed to optimize fabrication processes across various machine types including laser, plasma, punch, router, waterjet, tube, and pressbrake. With over 40,000 installations worldwide and a strong market presence, SigmaNEST targets fabricators and manufacturers seeking to improve efficiency, reduce costs, and automate workflows. The website reflects a professional and consistent brand image, supported by multilingual content and customer testimonials, reinforcing its credibility in the manufacturing software sector. Technically, the website employs modern web technologies such as jQuery, Bootstrap, and Google Tag Manager, ensuring a responsive and user-friendly experience. However, the absence of a valid SSL certificate and lack of TLS protocol support represent significant security shortcomings that undermine user trust and data protection. Despite strong content security policies and secure cookie settings, the lack of HTTPS is a critical vulnerability that must be addressed promptly. From a security perspective, the site demonstrates good use of security headers and GDPR-compliant privacy and cookie policies, including explicit consent mechanisms in its contact forms. No incident response or vulnerability disclosure information is present, which could be improved to enhance transparency and trust. The domain registration data aligns well with the website content and business claims, indicating legitimacy and consistency. Overall, while the business and content quality are excellent, the critical absence of HTTPS significantly lowers the security posture and overall AI score. Strategic improvements in SSL/TLS deployment and enhanced security practices are recommended to elevate the website's trustworthiness and compliance standing.

H

HTL Braunau

htl-braunau.at

0

HTL Braunau is a well-established higher technical vocational school located in Braunau am Inn, Austria, offering specialized education in electronics, electrical engineering, mechatronics, and information technology. The institution serves approximately 1000 students and emphasizes project-based learning with national and international recognition. The website reflects a professional educational institution with clear communication channels and a focus on student engagement through events and partnerships. Technically, the site is built on TYPO3 CMS with modern frontend frameworks and integrates Google Analytics and Tag Manager for visitor insights. However, the absence of a valid SSL certificate and HTTPS severely undermines the security posture, exposing users to risks and reducing trust. Privacy and cookie policies are present and GDPR compliant, indicating awareness of data protection requirements. Overall, the site is functional and informative but requires urgent security improvements to protect user data and enhance trust.

M

Mediaplanet Group

mediaplanet.com

0

Mediaplanet Group is a mature, established content marketing company founded in 1993, delivering over 1,000 campaigns annually to a global client base exceeding 15,000. The company operates primarily in the media sector, providing content marketing services worldwide. The website is built on WordPress and leverages modern JavaScript libraries such as jQuery and amCharts, with Cloudflare providing CDN and security services. Despite a professional design and good SEO practices, the site lacks a valid SSL certificate, serving content over HTTP only, which significantly impacts its security posture. No privacy or cookie policies are present, and no explicit contact information is found on the main page, which affects privacy compliance and business credibility scores. Advertising and tracking tools like Facebook Pixel and Google Tag Manager are integrated, indicating moderate user tracking.

A

Amaris Consulting

amaris.com

0

Amaris Consulting is a well-established global technology consulting firm founded in 2007, operating across multiple sectors including technology, healthcare, finance, transportation, and energy. With a workforce of approximately 7,600 employees spread over 60 countries, it serves over 1,000 clients worldwide. The company is part of the Mantu group, which is confirmed by website footer references and structured data. The website presents a professional and consistent brand image, with comprehensive content describing its services, centers of excellence, and industry focus. Technically, the site is built on WordPress using Elementor and optimized with WP Rocket, but suffers from a critical security issue due to the lack of a valid SSL certificate and HTTPS support, which significantly impacts its security posture. Privacy compliance is partially addressed with a clear privacy policy and GDPR-compliant contact form, but lacks a cookie consent mechanism. Overall, the site demonstrates good business credibility and user experience but requires urgent security improvements.

B

Berlitz Corporation

berlitz.com

0

Berlitz Corporation is a well-established language education provider offering a wide range of language and cultural training services for adults, children, businesses, and government entities. The company holds a strong market position, recognized for its customer service excellence and comprehensive language training solutions. The website reflects a mature digital infrastructure leveraging modern technologies such as React, Gatsby, and AWS hosting, providing a responsive and accessible user experience. Security measures include appropriate HTTP headers and HSTS, although the SSL certificate is currently invalid, which is a critical issue to address. Privacy compliance is good with clear privacy and terms of service policies, but lacks a cookie consent mechanism. Overall, the site demonstrates professionalism and trustworthiness, supported by social media presence and industry certifications.

BMW Thailand operates an official, comprehensive website offering premium automotive products and services tailored to the Thai market. The site showcases new and certified pre-owned BMW vehicles, financial services, digital offerings, and after-sales support, positioning BMW as a leading premium automotive brand in Thailand. The website is built on Adobe Experience Manager and delivered via Akamai CDN, reflecting a mature digital infrastructure. However, the current SSL/TLS configuration is critically flawed, with no valid certificate and disabled TLS protocols, exposing users to security risks. Security headers are partially implemented but require improvements, especially enabling X-XSS-Protection and modern TLS versions. Privacy and cookie policies are present and comprehensive, supporting GDPR compliance. Contact information is primarily via forms and chat, with no explicit emails or phone numbers found. Overall, the site is professional and trustworthy but must urgently address SSL issues to ensure secure user interactions.

V

VF Corporation

vfc.com

0

VF Corporation is a large multinational retail company specializing in outdoor, lifestyle, and workwear apparel and footwear. The website presents a comprehensive portfolio of well-known brands such as Vans, The North Face, Timberland, and others, targeting consumers, investors, and job seekers. The business model focuses on brand management and retail operations with a strong emphasis on corporate responsibility and investor relations. Technically, the website uses Apache server technology, integrates Google Analytics, and leverages CDN services like Amazon Cloudfront for content delivery. The site is well-designed, mobile-optimized, and provides rich content with clear navigation and professional branding. However, the security posture is weak due to the absence of a valid SSL certificate and lack of HTTPS support, which is a critical vulnerability. Privacy compliance is good with a comprehensive privacy policy and terms of use, but no cookie consent mechanism was detected. Overall, the site is trustworthy and professional but requires urgent improvements in SSL/TLS security to protect user data and maintain trust.

H

HiPP

hipp.de

0

HiPP is a well-established German brand specializing in organic baby food and related care products. Their website serves as both an informational resource and an e-commerce platform, targeting parents and families with young children. The site is rich in content, well-structured, and offers multiple engagement channels including a BabyClub and social media presence. Technically, the site is built on TYPO3 CMS and uses modern web technologies and consent management tools, but suffers from a critical lack of HTTPS due to an invalid SSL certificate, which significantly impacts its security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the business appears credible and trustworthy, but the security weaknesses pose a risk to user trust and data protection.

C

Caesars Entertainment

caesarsjobs.com

0

Caesars Entertainment operates a comprehensive career website showcasing its extensive hospitality and gaming operations across the United States. The company is a large enterprise with a long history and a broad portfolio of casino resorts and digital sportsbook services. The website is professionally designed, mobile-optimized, and rich in content relevant to job seekers and corporate social responsibility. Technically, the site uses Microsoft IIS, ASP.NET, Adobe Experience Manager, and integrates advanced analytics and marketing tools such as Dynatrace and Google Tag Manager. However, a critical security weakness is the absence of a valid SSL certificate and HTTPS support, which significantly impacts the security posture. Privacy and cookie policies are well implemented with OneTrust, reflecting good privacy compliance. Overall, the site is trustworthy and professional but requires urgent security improvements to protect user data and maintain trust.

L

Lamb Weston

lambweston.eu

0

Lamb Weston is a globally recognized leader in the frozen potato products industry, offering a wide range of products including fries, specialties, and appetizers. The company targets foodservice professionals and retail customers primarily in the EMEA region, providing innovative and high-quality potato solutions. Their website reflects a strong market position with comprehensive content, multiple language support, and a focus on sustainability. Technically, the site is built on modern frameworks like Nuxt.js and Vue.js, hosted on AWS infrastructure, and demonstrates good mobile optimization and SEO practices. However, the absence of a valid SSL certificate significantly impacts the security posture, exposing the site to potential risks. Privacy and legal policies are well documented, but the lack of a cookie consent mechanism is a compliance gap. Overall, the website is professional and trustworthy but requires urgent security improvements to ensure safe user interactions.

C

Certified Service Vehicle Maintenance & Repair | Experience GM

saturn.com

0

Security assessment completed with an overall score of 0/100 (unknown risk). 3 critical issues require immediate attention. Total of 24 security findings identified across all modules.

N

Northern Virginia Community College

nvcc.edu

0

Northern Virginia Community College (NOVA) is a large public educational institution serving Northern Virginia with multiple campuses and a broad range of academic and workforce programs. The website reflects a professional and comprehensive digital presence targeting students, faculty, and community stakeholders. The technical infrastructure includes modern marketing and analytics tools but lacks a valid SSL certificate, resulting in insecure HTTP access. Security headers are minimal, and no advanced security mechanisms like HSTS or OCSP stapling are implemented. Privacy and terms policies are present and comprehensive, though cookie consent mechanisms are not evident. Overall, the site is trustworthy and well-branded but requires urgent improvements in SSL/TLS deployment to enhance security and user trust.

W

Web Page Under Construction

rshlimited.com

0

The website rshlimited.com currently serves only as a placeholder page indicating that the site is under construction. It is registered through NetworkSolutions.com and does not present any active business content, products, or services. The only contact information available is a phone number for assistance, presumably for domain or hosting support. The lack of active content and business information limits the ability to assess the company's market position or services. Technically, the site is served over HTTP without SSL/TLS encryption, which is a significant security concern. The server technology is Sun-ONE-Web-Server/6.1, and the hosting provider is NetworkSolutions.com. There are no modern web technologies, analytics, or tracking scripts detected. Security posture is weak due to the absence of HTTPS, security headers, and privacy policies. Overall, the site is not yet operational and presents minimal risk but also minimal trust or credibility.

B

BMI Productivity Solutions

bmisw.com

0

BMI Productivity Solutions is a small technology company specializing in productivity enhancement software and services, including document management, loan management, and workflow automation. Established since 1992, the company targets organizations seeking to improve business processes and compliance. Their offerings include both on-premise and cloud-hosted solutions, with cloud hosting on Microsoft Azure and a SOC 2 TYPE II certification indicating some level of security assurance. The website is built on WordPress using the Divi theme and includes plugins for performance and download management. However, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security vulnerability. Other security best practices such as security headers and incident response policies are absent or not publicly disclosed. Privacy compliance is minimal, with a basic privacy policy present but no cookie policy or consent mechanism. Contact information is limited to an email address and a contact form, with no phone number or physical address provided. Overall, the website is professionally designed and content is relevant, but the lack of HTTPS and security controls significantly lowers the security posture and trustworthiness.

H

Huppenkothen GmbH

huppenkothen.at

0

Huppenkothen GmbH operates a professional website focused on the sale and rental of mini and compact construction machinery, serving primarily the Austrian construction sector. The company maintains a strong market position with 42 locations and a large inventory of machines and spare parts. The website is well-designed, content-rich, and optimized for SEO and accessibility, targeting construction professionals and businesses. Technically, the site is built on WordPress with modern plugins and frameworks, but lacks HTTPS, which is a critical security vulnerability. Privacy and cookie policies are present and GDPR compliant, reflecting good privacy practices. Overall, the site demonstrates a mature digital presence but requires urgent security improvements to protect user data and trust.

M

Makino Inc.

makino.com

0

Makino Inc. is a global leader in manufacturing technology, specializing in CNC machine tools including horizontal and vertical machining centers, EDM, and graphite machining centers. The company targets industrial sectors such as aerospace, automotive, medical, semiconductor, and job shops, offering comprehensive solutions including automation, software, engineering services, and support. Their market position is strong, supported by extensive product information and a global presence with regional subsidiaries. Technically, the website employs a modern tech stack with ASP.NET backend and various JavaScript libraries for enhanced user experience. It is hosted behind Cloudflare, ensuring performance and availability. The site is mobile-optimized and includes accessibility features, although performance metrics are not provided. From a security perspective, the site has several important security headers configured, but critically lacks a valid SSL certificate, resulting in no HTTPS protection. This significantly lowers the security posture and exposes users to potential risks. Privacy compliance is well addressed with clear privacy and cookie policies, including consent mechanisms, aligning with GDPR requirements. Overall, the website is professional and trustworthy in content and business representation, but the lack of HTTPS is a critical issue that should be addressed immediately to protect user data and enhance trust.

I

ivii GmbH

ivii.eu

0

ivii GmbH is a small Austrian technology company specializing in AI-powered visual intelligence systems designed to optimize quality assurance and logistics processes in industrial manufacturing environments. Their flagship product, ivii iriis, combines artificial intelligence, machine learning, and camera technology to enable error-free production and logistics workflows. The company positions itself as an innovative provider with a strong focus on practical, plug-and-play solutions that empower employees and improve operational efficiency. The website content is professionally crafted, targeting industrial and logistics sectors, and supported by customer testimonials and ISO 27001 certification, enhancing trust and credibility. Technically, the website is built on WordPress with modern SEO and performance plugins such as Yoast SEO Premium and WP Rocket. However, the site suffers from a critical security shortfall due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts its security posture. Performance is also suboptimal with a high page load time. Privacy compliance is well addressed with comprehensive GDPR-compliant privacy and cookie policies, including a consent mechanism. The company maintains active social media profiles and provides clear contact information. Security-wise, the lack of HTTPS and modern TLS protocols, absence of security headers, and missing DNSSEC and CAA records expose the site to potential risks. While no active vulnerabilities or WAF blocks are detected, these gaps should be addressed promptly to protect user data and maintain trust. Overall, ivii GmbH demonstrates a strong business and content presence but must urgently improve its security infrastructure to align with best practices and industry standards. Strategic recommendations include implementing SSL/TLS, enabling security headers, and optimizing performance to enhance user experience and trust.

C

CADS GmbH

cads-solution.com

0

CADS GmbH is a specialized software development company focused on innovative medical technology solutions, operating primarily in Austria with a strong partnership with the established KLS Martin Group. Their offerings include advanced software platforms such as IPS Gate® for medical case management, LOG Gate for inventory management, and 3D visualization services, targeting healthcare professionals and institutions worldwide. The website reflects a professional and well-branded digital presence with comprehensive content and multimedia resources. Technically, the site is built on TYPO3 CMS and integrates modern marketing and analytics tools, but suffers from a critical security weakness due to an invalid SSL certificate, undermining HTTPS security. Privacy compliance is well addressed with clear cookie management and GDPR-aligned privacy policies. Overall, the business credibility is high, supported by certifications and partnerships, though the lack of a terms of service page and explicit security policies is noted.

B

Byte Media GmbH

vbwienbaden.at

0

Byte Media GmbH operates a WordPress-based website providing SEO, domain trading, and digital marketing services, with a focus on banking and insurance information for Baden bei Wien. The site targets private and business customers seeking financial services in the region. The technical infrastructure relies on nginx, WordPress, jQuery, and Bootstrap, hosted on a Plesk Linux environment. While the content is well-structured and SEO-optimized, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security vulnerability. Additionally, no cookie consent mechanism or explicit privacy compliance features are implemented, despite the use of Google Analytics and Tag Manager for tracking. Contact information is clearly presented, and social media presence is strong, enhancing business credibility. Overall, the website demonstrates moderate digital maturity but requires urgent security improvements to protect users and comply with privacy regulations.

BOA Technology is a mature and established company specializing in innovative fit system solutions for performance and sports industries. Their website presents a professional image with comprehensive product information, brand partnerships, and customer support resources. The company targets consumers and businesses in sectors such as cycling, workwear, and outdoor activities, positioning itself as a leader in fit system technology. Technically, the website is built on Drupal 10 and leverages modern web technologies and Cloudflare for hosting and security. However, the absence of a valid SSL certificate and HTTPS implementation significantly undermines the site's security posture. While privacy and cookie policies are well implemented, the lack of explicit security policies and incident response information indicates room for improvement in transparency and compliance. Overall, the site is professional and trustworthy but requires urgent security enhancements to protect user data and improve trust.

R

Rexel

rexel.com

0

Rexel is a global leader in multichannel distribution for the energy sector, providing sustainable and innovative solutions to professional customers worldwide. The company operates in 17 countries with nearly 2,000 branches and a workforce of approximately 27,000 employees. Their business model focuses on supporting electricians, installers, commercial and industrial companies, and suppliers with a broad portfolio of energy-related products and services. The website reflects a mature digital presence with comprehensive content, investor relations, and sustainability commitments. Technically, the site is built on WordPress with modern SEO plugins and integrates multiple analytics and marketing tools. However, the absence of a valid SSL certificate and HTTPS support is a critical security deficiency that undermines user trust and data protection. The site implements strong cookie consent mechanisms and complies with GDPR requirements, but lacks explicit security policies or incident response information. Overall, Rexel's website demonstrates high professionalism and business credibility but requires urgent security improvements to align with best practices.

C

CYLEDGE

cyledge.com

0

CYLEDGE is a consulting firm specializing in collaboration, customer centricity, and incremental innovation to create sustainable value. With over 20 years of market experience, the company offers tailored advisory services including value proposition design, organizational development, customer experience, and coaching. Their client portfolio includes notable companies such as VW, Siemens, and Redbull, indicating a strong market position in the technology and consulting sectors. Technically, the website is built on the Wix Studio platform using modern React 18 technology, with integrated Wix Blog and Forms for content and user engagement. However, the site suffers from slow performance and lacks a valid SSL certificate, which impacts security and user trust. Mobile optimization and accessibility are well addressed, but SEO could be improved. From a security perspective, the site lacks HTTPS and advanced security headers, which is a significant risk. No explicit security or incident response policies are found, and no vulnerabilities are detected in the current analysis. Privacy compliance is adequate with clear privacy and cookie policies, including consent mechanisms. Overall, CYLEDGE presents a professional and trustworthy business with a strong digital presence but should prioritize improving security configurations and website performance to enhance user trust and compliance.

E

Extreme Networks

enterasys.com

0

Extreme Networks is a leading enterprise technology company specializing in AI-powered cloud networking solutions that simplify and secure IT infrastructure. The company holds a strong market position as a Gartner Magic Quadrant Leader for wired and wireless LAN infrastructure. Their key services include the Extreme Platform ONE™, network fabric, cloud-based network management, and comprehensive security solutions. The website demonstrates a high level of digital maturity with modern technologies, responsive design, and rich content tailored for enterprise IT professionals and partners. However, the security posture is weakened by the absence of a valid SSL certificate and lack of HTTPS, which is a critical issue that must be addressed to ensure secure communications and trust. Privacy compliance is well managed with comprehensive policies and consent mechanisms in place. Overall, the website is professional, trustworthy, and well-structured but requires immediate improvements in SSL/TLS configuration to enhance security.

I

ifss business excellence | ifss Business Excellence

ifss.net

0

Security assessment completed with an overall score of 0/100 (unknown risk). 3 critical issues require immediate attention. Total of 27 security findings identified across all modules.

B

BUWOG GROUP GMBH

buwog.at

0

BUWOG Group GmbH operates as a leading full-service provider in the Austrian residential real estate market, offering property search and management services. The website reflects a professional and consistent brand presence, targeting Austrian customers interested in housing solutions. Technically, the site is built on the Ibexa DXP CMS platform, leveraging modern JavaScript libraries and CDN services for content delivery and performance monitoring. However, the critical security weakness is the lack of a valid SSL certificate, resulting in no HTTPS support despite the presence of security headers like HSTS. This exposes users to potential risks and undermines trust. Privacy and cookie policies are well implemented with consent mechanisms, aligning with GDPR requirements. Overall, the site is functional and professional but requires urgent remediation of SSL issues to improve security posture and user trust.

S

Saffron Brand Consultants

saffron-consultants.com

0

Saffron Brand Consultants is a well-established global brand consultancy specializing in creating memorable brand experiences through strategy, design, and product delivery. With multiple international offices and a strong portfolio of clients in technology and other sectors, Saffron positions itself as a leader in brand identity and experience ecosystems. The website reflects a professional and consistent brand image with rich multimedia content and comprehensive policy documentation. Technically, the site uses modern frameworks such as Next.js and React, with CDN and video hosting integrations, but lacks HTTPS which is a critical security gap. Security headers are partially implemented but the absence of SSL/TLS severely impacts the security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the business credibility is high, but urgent security improvements are needed to protect user data and trust.

Ö

Österreichische Gesundheitskasse

wgkk.at

0

The Österreichische Gesundheitskasse (ÖGK) operates as a major public healthcare insurance provider in Austria, offering a broad range of health-related services and information to insured individuals, employers, and contract partners. The website serves as a comprehensive portal for health facilities, health services, customer support, appointment scheduling, and career opportunities, targeting Austrian residents and stakeholders in the healthcare sector. The organization maintains a consistent and professional online presence with clear branding and trust signals, including official government domain usage and social media engagement. Technically, the website is built on a mature infrastructure utilizing Apache, Jakarta Faces (JSF), jQuery 3.6.0, and Gentics CMS. It integrates advanced features such as a content slider and Piwik PRO analytics for user behavior tracking. However, performance metrics appear incomplete, and the site shows moderate loading characteristics. Accessibility and SEO optimizations are well addressed, with good mobile responsiveness and clear navigation. From a security perspective, the site implements several best practices including a detailed Content-Security-Policy and HttpOnly, Secure cookie flags. Nevertheless, the absence of a valid SSL certificate and HTTPS support is a critical vulnerability, severely impacting the security posture. Other SSL/TLS features such as modern protocol support, OCSP stapling, and session resumption are missing. Privacy compliance is strong, with GDPR-aligned cookie consent mechanisms and clear privacy policies. Overall, the website is trustworthy and professionally managed but requires urgent security improvements to enable HTTPS and strengthen SSL/TLS configurations. Addressing these issues will enhance user trust, data protection, and compliance with modern security standards.

R

Rosenbauer International AG

rosenbauer.com

0

Rosenbauer International AG is a globally recognized leader in firefighting technology, manufacturing a wide range of firefighting vehicles, equipment, and digital solutions. With over 150 years of history, the company serves fire departments, municipal authorities, industrial clients, and airports worldwide. The website reflects a mature digital presence with multilingual support and comprehensive product and service information. Technically, the site is built on TYPO3 CMS with PHP backend and uses Amazon CloudFront CDN for delivery. However, the security posture is weakened by an invalid SSL certificate, which undermines HTTPS protection despite the presence of several security headers. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. Overall, the site is professional and trustworthy but requires urgent SSL remediation to improve security and user trust.

Q

QESTIT

qcentris.com

0

QESTIT is a mature and established company specializing in AI-driven quality assurance and software testing services. The company offers a broad range of services including software testing, intelligent automation, AI-powered quality, cybersecurity, SAP migration, and UX design. Their market position is supported by 25 years of expertise and a professional online presence. Technically, the website is built on HubSpot CMS, uses modern analytics tools, and is hosted behind Cloudflare, but lacks a valid SSL certificate, which is a critical security gap. The security posture is basic with some security headers present but no HTTPS, no OCSP stapling, and no session resumption. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism despite tracking scripts. Overall, the website is professional and trustworthy but requires urgent security improvements to protect user data and improve trust.

W

WIFI Wien

wifiwien.at

0

WIFI Wien is a prominent educational institution based in Austria, offering a comprehensive range of adult education courses and training programs across multiple sectors including business, health, IT, management, and languages. The website demonstrates a strong market position with extensive course offerings, a user-friendly interface, and integration of modern web technologies. However, the absence of a valid SSL/TLS certificate and lack of HTTPS significantly undermines the site's security posture, exposing users to potential risks. While privacy and cookie policies are well implemented with consent mechanisms, the technical security measures require urgent enhancement to meet modern standards. Overall, WIFI Wien presents a professional and trustworthy educational platform but must prioritize securing its web infrastructure to protect user data and maintain compliance.

E

ECE Projektmanagement G.m.b.H. und Co. KG

ece.de

0

ECE Projektmanagement G.m.b.H. und Co. KG operates a professional and comprehensive website focused on real estate development and management, particularly shopping centers, work & live spaces, and residential projects. The company positions itself as a large player in the German real estate market with a strong portfolio and innovative projects. The website is built on TYPO3 CMS and includes rich content, a contact form, social media integration, and a cookie consent mechanism compliant with GDPR. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security flaw. Security headers are partially implemented but the SSL/TLS configuration is severely lacking, exposing the site to risks. The WHOIS data is consistent with the business claims, showing no privacy protection or suspicious registrations. Overall, the site is professional and trustworthy from a business perspective but requires urgent security improvements to protect user data and enhance trust.

G

Greiner Bio-One International GmbH

gbo.com

0

Greiner Bio-One International GmbH is a large, globally active company specializing in biotechnology, medical devices, in vitro diagnostics, and research products. The company operates with a strong customer focus and maintains a diversified portfolio with production sites in multiple countries. Their website reflects a mature digital presence with comprehensive product information, news, and resources targeted at healthcare and research professionals. Technically, the site is built on TYPO3 CMS and hosted behind Cloudflare, but suffers from critical security shortcomings including the absence of a valid SSL certificate and disabled TLS protocols, which significantly impact its security posture. Privacy and legal compliance are well addressed with clear policies and consent mechanisms. Overall, the website is professional and trustworthy but requires urgent security improvements to protect user data and maintain trust.

V

Vapiano Franchising s.r.o.

vapiano.com

0

Vapiano is an established international hospitality brand specializing in fresh handmade pasta, pizza, and salads served in a casual dining environment. Founded in 2002, the company operates a franchise business model with over 155 global restaurants. The website reflects a professional brand presence with consistent design and clear navigation targeting consumers seeking quality Italian cuisine in a relaxed setting. Technically, the site is built on WordPress hosted on WP Engine and protected by Cloudflare, utilizing common web technologies such as jQuery, Google Tag Manager, and Google Maps API. However, the absence of a valid SSL certificate and HTTPS severely impacts the security posture, exposing users to risks and reducing trust. Privacy compliance is well addressed with clear policies and cookie consent mechanisms. Overall, the site demonstrates good business credibility but requires urgent security improvements to meet modern standards.

M

MedTriX Group

medizin-medien.at

0

MedTriX Group is a specialized medical communication service provider with a strong presence in Austria, Germany, and Switzerland. The company offers unique healthcare professional (HCP) data intelligence and a broad portfolio of services including data targeting, CRM data quality enhancement, telephone communication, medical media publishing, digital newsletters, and educational events. Their market position is reinforced by a strong regional footprint and partnerships with sister companies MTX Schweiz and MTX Deutschland. Technically, the website is built on WordPress with Elementor and Yoast SEO, indicating a modern CMS and SEO-friendly infrastructure. However, performance metrics are lacking, and the SSL/TLS configuration is critically flawed with no valid certificate and no TLS protocols enabled, which severely impacts security and trust. Security posture is weak due to the invalid SSL certificate and incomplete TLS support, despite the presence of several security headers. Privacy compliance is strong with a clear privacy policy, cookie consent mechanism, and GDPR adherence. Contact information is comprehensive and professionally presented, enhancing business credibility. Overall, the site is functional and professional but requires urgent remediation of SSL/TLS issues to ensure secure communications and maintain trust. Strategic improvements in security configuration and performance optimization are recommended.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Raiffeisen Landesbank Kärnten is a prominent regional bank in Austria, specializing in comprehensive financial services for private and corporate clients. The website reflects a mature digital presence with extensive service offerings including corporate banking, private banking, investment, insurance, and online banking solutions. The bank emphasizes personalized service and regional economic support, positioning itself as a trusted partner for businesses and individuals in Carinthia. Technically, the site is built on Adobe Experience Manager with modern JavaScript frameworks and includes advanced cookie consent management. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which severely impacts the security posture. Privacy policies and legal documents are well presented, supporting GDPR compliance. Overall, the site is professional and trustworthy but urgently requires remediation of its SSL/TLS configuration to ensure secure communications and maintain customer trust.

The website sideshoreonline.nl is currently a parked domain page managed by Sedo Domain Parking service, with no active business content or services offered. The site primarily displays advertisements and related search links, targeting general internet users seeking information. The domain appears recently registered and lacks any identifiable company or organizational presence. Technically, the site uses basic HTML and JavaScript with Sedo and Google Adsense scripts but lacks modern CMS or frameworks. Performance is slow, and mobile optimization is minimal. Security posture is weak due to the absence of HTTPS and critical security headers, exposing visitors to potential risks. Privacy compliance is minimal with only a basic cookie consent banner and a generic privacy policy hosted externally by Sedo. Overall, the site lacks trust indicators, contact information, and business legitimacy, resulting in a low credibility and security score.

A

acccoi partners GmbH

acccoi.com

0

acccoi partners GmbH is a small technology-focused company based in Austria specializing in enabling corporate business development through startup collaboration, corporate accelerators, and co-innovation programs. Established since 2012, the company targets large corporates and startups seeking innovation partnerships. The website is built on WordPress using Elementor and several plugins for SEO and marketing, but lacks HTTPS which is a critical security shortfall. The site includes standard legal pages and contact mechanisms, including a contact form and social media links. However, Google Analytics is installed but not configured, and performance metrics are unavailable. Security posture is weak due to missing SSL/TLS and security headers, exposing the site to risks. Overall, the site is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

B

Bit Inc

bit-inc.net

0

Bit Inc is a small technology integration company based in the United States, specializing in network system integration services including copper and fiber cabling, WiFi systems, surveillance, access control, and distributed audio/video solutions. The company positions itself as a reliable service provider with a focus on quality and customer service, partnering with reputable vendors and offering warranties. The website is built on the Wix platform, utilizing modern web technologies such as React and various Wix apps for enhanced user experience. However, the site lacks a valid SSL certificate and proper HTTPS configuration, which is a critical security vulnerability. Additionally, no privacy or cookie policies are present, indicating compliance gaps. Contact information is clearly provided, supporting business credibility. Overall, the site demonstrates good content quality and business professionalism but requires urgent security and compliance improvements.

F

Fair Finance

fairfinance.org.uk

0

Fair Finance is a UK-based direct lender specializing in affordable personal loans up to £3000, targeting individuals including those with bad credit or on benefits. The company emphasizes social impact and financial advice, operating with FCA authorization. The website is built on WordPress with Elementor and integrates multiple marketing and analytics tools such as Google Analytics, Tag Manager, Hotjar, and Trustpilot for reputation management. Despite a professional design and clear business information, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security vulnerability. Privacy and terms of service pages are present and comprehensive, but no cookie consent mechanism is implemented despite tracking scripts being active. Contact information including phone and physical address is clearly provided, enhancing business credibility.

H

HICO

hico-ics.com

0

HICO is a specialized provider of Integrated Product Support (IPS) business solutions targeting sectors such as civil and military aviation, security and defence, shipbuilding, rail, and IT solutions. Their offerings include engineering support, maintenance planning, supply support, IPS management, technical documentation, and training services. The company positions itself as a niche player with a focus on maximizing system availability and cost optimization. The website is professionally designed using WordPress CMS with modern plugins and SEO optimizations, though performance is moderate and accessibility is basic. Security posture is weak due to the absence of a valid SSL certificate and HTTPS, lack of security headers, and missing advanced SSL features. Privacy compliance is adequate with clear privacy and cookie policies and consent mechanisms. Business credibility is supported by detailed service descriptions and consistent branding, but contact information lacks explicit phone numbers or direct emails on the homepage. Overall, the site is functional and informative but requires urgent security improvements to protect user data and enhance trust.

The website analyzed is a Microsoft Learn documentation page dedicated to Azure Migrate, a cloud migration service by Microsoft. It provides detailed, up-to-date information about new features, updates, and capabilities of Azure Migrate, targeting IT professionals and enterprises planning cloud migration. The site is part of the Microsoft Learn platform, reflecting a mature and well-established business with a strong market position in cloud services. Technically, the site leverages Microsoft Azure hosting and content delivery networks, uses modern JavaScript libraries, and integrates analytics and marketing tools such as Azure Monitor and Adobe Target. The content is well-structured, accessible, and optimized for SEO and mobile devices, providing an excellent user experience. However, a critical security issue is present: the SSL/TLS certificate is invalid or missing, and no TLS protocols are enabled, despite the presence of strict security headers like HSTS. This significantly undermines the security posture and trustworthiness of the site. Privacy policies and cookie consent mechanisms are comprehensive and GDPR compliant, consistent with Microsoft's standards. Overall, the site demonstrates high business credibility and technical maturity but requires urgent remediation of SSL/TLS configuration to ensure secure communications and maintain trust.