Security Directory

Titan Machinery is a large, established full-service dealer specializing in agriculture and construction equipment, operating over 100 dealerships across multiple countries. The company offers new and used equipment sales, rentals, parts, service, and financing solutions, representing major CNH Industrial brands. The website is professionally designed using modern technologies such as ASP.NET and Vue.js, hosted behind Cloudflare for performance and security. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS, exposing users to potential risks. Privacy and cookie policies are present but basic, and no direct contact information is visible on the homepage. Social media presence is strong, supporting brand trust. The domain is mature and well-protected, indicating a legitimate business. Overall, the website demonstrates good business credibility and technical implementation but requires urgent security improvements.

F

Fellner Wratzfeld & Partner Rechtsanwälte GmbH

fwp.at

0

Fellner Wratzfeld & Partner Rechtsanwälte GmbH is a leading Austrian law firm with over 130 highly qualified professionals. The firm offers a broad range of legal services including corporate law, banking and finance, compliance, ESG, real estate, and dispute resolution. It holds a strong market position supported by multiple industry awards and recognitions such as EMEA Top Tier Firm 2025 and IFLR1000 2024. The website is professionally designed, content-rich, and targets businesses and individuals seeking legal expertise in Austria and related sectors. Technically, the site runs on an Apache Ubuntu server with Bootstrap and Google Tag Manager integration, but suffers from slow performance and lacks a valid SSL certificate, which impacts its security posture. Privacy compliance is well addressed with GDPR-compliant policies and cookie consent mechanisms. The security posture is basic, with no HTTPS enabled and missing key security headers, exposing the site to potential risks. Overall, the site is trustworthy and professional but requires urgent improvements in SSL/TLS configuration and security best practices to enhance user trust and data protection.

V

Vienna House: Home

vi-hotels.com

0

Security assessment completed with an overall score of 0/100 (unknown risk). 3 critical issues require immediate attention. Total of 27 security findings identified across all modules.

GE Vernova is a leading global energy technology company focused on accelerating the transition to reliable, affordable, and sustainable energy. The company offers a broad portfolio of energy generation and electrification technologies including gas, hydro, nuclear, steam power, wind power, and advanced electrification software and services. Their market position is strong, supported by a large global workforce and extensive technology base that contributes significantly to global electricity generation. The website reflects a professional and comprehensive digital presence with detailed business, investor, and sustainability information targeted at industry stakeholders, investors, partners, and potential employees. Technically, the site is built on Drupal 10, uses Cloudflare CDN, and integrates modern analytics and marketing tools. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS enforcement, which significantly impacts the security posture. Privacy and cookie policies are present and appear compliant with GDPR standards. Overall, the site demonstrates high professionalism and trustworthiness but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

Advance International Media Limited operates as a media planning and advertising agency focused on placing brands across influential media titles internationally. The company offers services including digital planning and advertising, programmatic advertising, content marketing, and print advertising. Their market position is that of a small, specialized media agency with a presence primarily in the UK and partnerships across Europe. The website content is professionally presented with good navigation and relevant business information targeting brands and advertisers seeking international media exposure. Technically, the website is built on WordPress using common libraries such as jQuery and Slick Carousel, hosted on 1&1 IONOS DNS infrastructure. However, the site lacks HTTPS, which is a critical security shortfall. Security headers are minimal and no advanced security policies or incident response contacts are disclosed. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism or GDPR compliance indicators. Overall, the website demonstrates moderate business credibility but requires significant improvements in security and privacy compliance to meet modern standards.

Meusburger Georg GmbH & Co KG is a market leader in manufacturing high-precision standard parts, serving global customers in mould, die, and jig & fixture construction. The company offers a comprehensive product portfolio including standard parts, workshop equipment, hot runner systems, and control systems. Their website reflects a mature digital presence with extensive product categorization and multi-language support. However, the absence of a valid SSL/TLS certificate significantly impacts the security posture, exposing users to potential risks. Security headers are well configured, but the lack of HTTPS is a critical vulnerability. Privacy compliance is moderate with a privacy policy present but no visible cookie consent mechanism. Overall, the website is professional and trustworthy but requires urgent security improvements to protect user data and enhance trust.

T

Tyromotion GmbH

tyromotion.com

0

Tyromotion GmbH is a medium-sized Austrian company specializing in the development and manufacture of advanced technology-driven rehabilitation and therapy devices, targeting healthcare professionals and patients globally. The company holds a strong market position as a leading innovator in robotic-assisted rehabilitation solutions and patient management software. Their website reflects a professional and comprehensive digital presence, showcasing detailed product information, customer references, and active engagement through social media and newsletters. Technically, the site is built on WordPress with modern SEO and multilingual support, but suffers from slow performance and lacks a valid SSL certificate, which critically impacts security and user trust. Security headers are partially implemented, but the absence of HTTPS and TLS protocols is a significant vulnerability. Privacy compliance is well addressed with clear policies and cookie consent mechanisms. Overall, the site demonstrates good business credibility but requires urgent security improvements to protect user data and maintain trust.

A

Activision Publishing

treyarch.com

0

Treyarch.com is the official website of Treyarch Studios, a renowned video game developer known for the Call of Duty Black Ops series. The site is professionally designed, targeting gamers and industry professionals, and showcases the company's history, culture, and game portfolio. It operates under the parent company Activision Publishing, reflecting a strong market position in the gaming industry. Technically, the site uses Adobe Experience Manager CMS, hosted via Akamai, and integrates modern marketing and analytics tools such as Google Tag Manager and Adobe Launch. However, the security posture is weak due to the absence of a valid SSL certificate and lack of HTTPS support, which is a critical issue for user trust and data protection. Privacy and cookie policies are comprehensive and GDPR compliant, linked through the parent company domain. Overall, the site is content-rich and trustworthy but requires urgent security improvements.

E

easybank

easybank.at

0

easybank is a leading direct bank in Austria, offering a comprehensive range of financial services including personal and business accounts, loans, credit cards, savings, and investment products. The website reflects a mature digital presence with a focus on user experience, mobile optimization, and clear navigation. The business is well-positioned in the Austrian banking sector, supported by its parent company BAWAG Group and subsidiaries such as easyleasing.at. Technically, the site uses CoreMedia CMS and integrates modern marketing and analytics tools like Adobe and Google Tag Manager, alongside a consent management platform for privacy compliance. However, the website suffers from a critical security deficiency: it lacks a valid SSL certificate and does not support HTTPS, exposing users to significant risks. Security headers and modern TLS protocols are also absent, which undermines the overall security posture. Privacy policies and cookie consent mechanisms are well implemented, indicating good compliance with GDPR. Overall, while the business and content quality are excellent, the security shortcomings significantly impact the risk profile and trustworthiness of the site.

G

GE HealthCare

gehealthcare.com

0

GE HealthCare is a leading enterprise in the healthcare technology sector, specializing in precision health solutions including imaging systems, ultrasound, patient care, pharmaceutical imaging agents, and digital healthcare solutions. The company targets healthcare providers and clinicians, offering integrated technologies to improve patient outcomes and operational efficiency. The website reflects a mature, well-established business with a strong market position and comprehensive service offerings. Technically, the website is built on a modern stack including React and Sitecore CMS, with extensive use of analytics and marketing tools such as Google Tag Manager, Adobe Marketing Cloud, and New Relic. The site is well-optimized for mobile and accessibility, though performance is moderate due to large page size and resource count. Security posture is a concern due to the absence of a valid SSL certificate and lack of HTTPS support, which is a critical issue. Other security best practices like HSTS and OCSP stapling are also missing. The domain is mature and registered consistently with the business claims, enhancing trustworthiness. Overall, the website is professional and content-rich but requires urgent security improvements to protect user data and enhance trust. Strategic recommendations include implementing HTTPS, enabling modern TLS protocols, and improving security headers and mechanisms.

A

AFFiRiS AG

affiris.com

0

AFFiRiS AG is a clinical-stage biopharmaceutical company based in Austria, specializing in the development of novel immunotherapies for chronic diseases such as neurodegenerative disorders and hypercholesterolemia. The company leverages its proprietary AFFITOME® technology to create Specific Active ImmunoTherapies (SAIT) aimed at improving patient outcomes beyond current treatment options. The website presents a professional and well-structured digital presence targeting patients, investors, and healthcare professionals, with clear business and contact information. However, the absence of a valid SSL certificate and HTTPS implementation represents a significant security risk that undermines user trust and data protection. The site uses WordPress CMS with common plugins and libraries, but performance metrics indicate slow loading times, suggesting room for technical optimization. Privacy compliance is addressed through a cookie consent banner and a privacy policy, though terms of service and explicit security policies are not evident. Overall, AFFiRiS demonstrates a credible business profile with a need to urgently improve its security posture to protect visitors and comply with best practices.

B

Bauer Media Group

bauermedia.co.uk

0

Bauer Media Group is a well-established UK-based media company operating across multiple sectors including audio broadcasting, publishing, and advertising services. The company targets a broad UK adult audience and maintains a strong market position with a portfolio of iconic brands. The website reflects a mature digital presence with comprehensive content, structured data, and good SEO practices. However, the technical infrastructure shows critical security gaps, notably the absence of a valid SSL/TLS certificate and lack of HTTPS support, which significantly impacts the security posture. Privacy compliance is well addressed through external policies and a consent management platform. Overall, the business credibility is strong, but the security weaknesses pose risks that should be urgently addressed.

V

Vienna Insurance Group

vig.com

0

Vienna Insurance Group (VIG) is a leading insurance group in Central and Eastern Europe, operating through over 50 insurance companies and pension funds across 30 countries with approximately 30,000 employees. The website reflects a mature, enterprise-level business with a strong market position and comprehensive service offerings in insurance and reinsurance. The digital infrastructure is modern, leveraging JavaScript frameworks and a CMS (Umbraco), with good content quality and user experience. However, the security posture is weakened by the absence of a valid SSL certificate and lack of TLS protocol support, which is a critical vulnerability for a financial services website. Privacy and cookie policies are well implemented and GDPR compliant, supporting regulatory adherence. Overall, the site demonstrates high professionalism and trustworthiness but requires urgent remediation of SSL/TLS issues to ensure secure communications.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 10 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 7 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

B

biocrates life sciences ag

biocrates.com

0

biocrates life sciences ag is a well-established company specializing in quantitative metabolomics kits and services, serving a global scientific and research audience. Their offerings include metabolomics phenotyping, data analysis, pathway analysis, and multiomics data services, supported by a strong community and certified laboratories. The website is professionally designed with comprehensive content and clear navigation, targeting researchers and institutions in healthcare and biotechnology sectors. Technically, the site runs on WordPress with the Divi theme and integrates modern analytics and cookie consent tools, but lacks a valid SSL certificate, which is a critical security gap. Security headers are partially implemented, but the absence of HTTPS and modern TLS protocols significantly lowers the security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the business credibility is high, supported by consistent WHOIS data and trust indicators such as testimonials and certifications. Strategic improvements in SSL deployment and security hardening are recommended to enhance trust and compliance.

A

Attention Required! | Cloudflare

kiska.com

0

The website kiska.com is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) blocking the visitor. The accessible content is limited to a Cloudflare challenge page indicating that the visitor has been blocked due to triggering security rules. As a result, no business content, metadata, or contact information is available for analysis. The DNS records show that the domain uses Cloudflare for DNS and mail services, but the SSL/TLS configuration is invalid or missing, resulting in no HTTPS support. This significantly impacts the security posture and trustworthiness of the site. Overall, the site lacks visible privacy, cookie, or terms of service policies, and no forms or business contact details are present. The site’s technical infrastructure relies heavily on Cloudflare, but the current blocking status prevents a full assessment of the business or technical maturity.

E

Ethical Workforce

ethicalworkforce.co.uk

0

Ethical Workforce is a specialist hospitality recruitment agency based in London, offering permanent and temporary staffing solutions with an international reach. The company targets both employers seeking hospitality staff and jobseekers looking for roles in the hospitality sector. Their website presents a professional image with clear service offerings and client testimonials from notable hospitality figures, positioning them as a trusted niche player in the recruitment market. Technically, the website is built on WordPress using PHP 7.4 and Apache, with common plugins such as Yoast SEO and WPBakery Page Builder. Google Tag Manager is used for analytics and marketing tracking. The site is mobile optimized and SEO friendly, but lacks performance metrics data. The hosting provider is not explicitly identified but uses hdodns.com nameservers. From a security perspective, the site has critical weaknesses: it does not have an SSL/TLS certificate installed, serving content over HTTP only, which severely impacts user trust and data security. No modern TLS protocols or security headers are present. Cookie consent is implemented, but no privacy policy or terms of service pages were found, indicating compliance gaps. Contact information is clearly provided, enhancing business credibility. Overall, the website is functional and professional but requires urgent security improvements, especially implementing HTTPS and enhancing privacy compliance. Strategic recommendations include obtaining a valid SSL certificate, adding comprehensive privacy and terms pages, and improving security headers to protect users and build trust.

Z

ZETA

zeta.com

0

ZETA is a large, established engineering and consulting company specializing in the pharmaceutical and biotech industries. They provide comprehensive services including process engineering, automation, food engineering, lifecycle management, and digitalization solutions. The company operates globally with multiple locations and a strong market presence in Austria and beyond. Their website reflects a professional and content-rich digital presence targeting industry clients seeking advanced technological solutions. Technically, the website is built on the Contao CMS platform, served by Apache, and uses common web technologies such as jQuery and Google Tag Manager. While the site is well-structured and optimized for mobile devices, performance metrics indicate slow loading times, and accessibility features are basic. SEO practices are good with proper meta tags and Open Graph data. From a security perspective, the site lacks a valid SSL certificate and does not support modern TLS protocols, which is a critical vulnerability. Security headers are partially implemented, but important features like HSTS, OCSP stapling, and session resumption are missing. The extensive use of tracking and marketing tools is managed with a clear cookie consent mechanism, indicating good privacy compliance. Overall, the website presents a trustworthy and professional business front but requires urgent improvements in SSL/TLS security to protect user data and enhance trust. The domain registration data aligns well with the business claims, supporting legitimacy. Strategic recommendations include immediate SSL certificate installation, enabling modern security protocols, and enhancing security headers to meet industry best practices.

T

TD SYNNEX Corporation

techdata.com

0

TD SYNNEX Corporation operates as a leading global technology distributor and solutions aggregator, serving a broad ecosystem of technology partners, vendors, and customers. The company offers a wide range of services including technology solutions, business services, digital platforms, and technology education, positioning itself as a central player in the IT distribution market. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to its enterprise audience. Technically, the site is built on WordPress with Visual Composer and uses modern web technologies; however, performance is moderate and accessibility features are basic. Security posture is currently weak due to the absence of a valid SSL certificate and disabled TLS protocols, exposing the site to potential risks. Privacy and cookie policies are well implemented, indicating good compliance with GDPR and related regulations. Overall, the site demonstrates high business credibility but requires urgent security improvements to protect user data and maintain trust.

Takeda Pharmaceutical Company Limited is a leading global biopharmaceutical company headquartered in Japan, focused on research, development, and commercialization of innovative medicines across multiple therapeutic areas including oncology, rare diseases, neuroscience, and vaccines. The website serves a diverse audience including patients, healthcare professionals, investors, and job seekers, offering comprehensive corporate, scientific, and investor information. Technically, the site is built on modern frameworks such as Next.js and hosted on Vercel with Cloudflare CDN, ensuring good performance and mobile optimization. However, a critical security issue is the absence of a valid SSL certificate and HTTPS support, which severely impacts the site's security posture. Privacy and cookie policies are well implemented with consent mechanisms, and the site demonstrates good compliance with GDPR. Overall, the site is professional and trustworthy but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

The website for Stora Enso is currently inaccessible due to a Cloudflare firewall block, presenting a minimal page indicating the user has been blocked by the firewall. This prevents access to any substantive business content, policies, or contact information. The domain is mature and registered with strong protections, indicating a legitimate and established business presence. However, the lack of a valid SSL certificate and HTTPS support on the site is a critical security deficiency. The technical infrastructure relies on Cloudflare for security and hosting, but the SSL configuration is incomplete or invalid, which severely impacts the security posture. Overall, the site is not currently usable for end users, and the lack of visible privacy or cookie policies further reduces compliance and trust. Strategic recommendations include resolving SSL issues, improving content accessibility, and publishing comprehensive privacy and security policies.

T

TD Canada Trust

td.com

0

TD Canada Trust is a leading North American financial institution offering a broad range of banking and investment services to personal, small business, and commercial clients. The website reflects a mature digital presence with comprehensive content on corporate values, sustainability, innovation, and customer care. The technical infrastructure is built on Adobe Experience Manager and supported by major third-party services for analytics and marketing. However, the security posture is currently weak due to the absence of a valid SSL certificate and lack of HTTPS support, which poses significant risks to user data confidentiality and trust. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is professional and trustworthy but requires urgent security improvements.

S

Strom und Gas für Düsseldorf und NRW | Stadtwerke Düsseldorf

swd-ag.de

0

Security assessment completed with an overall score of 0/100 (unknown risk). 4 critical issues require immediate attention. Total of 29 security findings identified across all modules.

J

JOANNEUM RESEARCH Forschungsgesellschaft mbH

joanneum.at

0

JOANNEUM RESEARCH Forschungsgesellschaft mbH is a leading Austrian research institution specializing in applied research and technology development across multiple sectors including healthcare, digital technologies, robotics, and environmental sciences. The organization serves industry, government, and research partners with innovative solutions and maintains a strong market position supported by international collaborations and a large workforce. The website reflects a mature digital presence with comprehensive content and professional design, targeting stakeholders in research and industry. Technically, the site is built on WordPress with Elementor and uses modern web technologies, but suffers from a critical lack of HTTPS due to an invalid SSL certificate, which significantly impacts its security posture. Privacy and cookie policies are well implemented, indicating good GDPR compliance. However, the absence of explicit security policies and incident response information suggests room for improvement in security governance. Overall, the site is trustworthy and professional but requires urgent security enhancements to protect user data and improve trust.

W

WIG Wietersdorfer Holding GmbH

wietersdorfer.com

0

WIG Wietersdorfer Holding GmbH is a large, family-owned industrial enterprise based in Austria with a 125-year history. The company operates internationally with subsidiaries in multiple countries, focusing on sectors such as cement, lime, GFK and PP pipe systems, and industrial minerals. Their business model is centered on manufacturing and global distribution, targeting industrial and construction markets. The website reflects a mature digital presence with a professional design, clear navigation, and multilingual support. Technically, the site is built on WordPress with the Avada theme and uses common plugins for forms, multilingual content, and cookie management. However, the security posture is weakened by an invalid SSL certificate and lack of modern TLS protocols, which is a critical issue that needs immediate remediation. Privacy compliance is well addressed with comprehensive policies and a robust cookie consent mechanism. Overall, the site demonstrates good business credibility and digital maturity but requires urgent security improvements to protect user data and maintain trust.

A

Air Liquide

airliquide.com

0

Air Liquide is a global leader in gases, technologies, and services for industry and healthcare, operating in 60 countries with a large workforce and millions of customers. The website reflects a mature digital presence with professional design, comprehensive content, and strong branding. However, the technical security posture is weak due to an invalid SSL certificate and disabled TLS protocols, which poses significant risks to user trust and data security. Privacy and cookie policies are well implemented and GDPR compliant, supporting regulatory adherence. The absence of direct contact information and vulnerability disclosure policies suggests areas for improvement in transparency and incident response readiness. Overall, the domain registration data aligns well with the business claims, indicating high legitimacy.

W

Wüstenrot

wuestenrot.at

0

Wüstenrot is a well-established Austrian financial services provider with a 100-year history, offering integrated banking, insurance, and savings products. The website reflects a mature digital presence with professional design, comprehensive content, and clear navigation tailored to private customers in Austria. Technically, the site is built on Adobe Experience Manager and uses modern web technologies and analytics tools. However, a critical security gap exists due to the absence of a valid SSL certificate and enabled TLS protocols, exposing users to potential risks. Privacy compliance is strong with GDPR-aligned cookie consent and detailed privacy policies. Overall, the business is credible and trustworthy, but urgent security improvements are needed to protect user data and maintain trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 9 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

C

Cropster

cropster.com

0

Cropster is a mature, market-leading SaaS provider specializing in software solutions for the coffee industry, including roasting, inventory, and quality management. The company targets coffee farmers, roasters, and cafe managers with a comprehensive suite of products designed to streamline workflows and improve operational efficiency. Cropster maintains a consistent and professional brand presence with multilingual support and active content updates. Technically, the website is built on WordPress, leveraging modern JavaScript frameworks and AWS CloudFront CDN for delivery. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the security posture, despite the presence of strong security headers. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. The domain registration is consistent and trustworthy, reflecting a stable business operation. Overall, Cropster presents a professional and credible online presence but must urgently address SSL/TLS issues to improve security and trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 7 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

The domain c-oncept.com currently hosts a parked domain page provided by Aruba.it, indicating that the domain is registered but not actively used for business purposes. The page contains minimal content, primarily informing visitors that the domain is taken, with no business description, contact information, or interactive elements. The technical infrastructure is based on Microsoft IIS 10.0 and ASP.NET, hosted by Aruba.it, but lacks a valid SSL certificate and modern security configurations. This results in an insecure HTTP-only site with no HTTPS support. Security posture is weak due to missing SSL, lack of security headers, and no evidence of privacy or cookie policies. Overall, the site does not present any business credibility or privacy compliance features, and no analytics or tracking technologies are detected.

G

Grand Hotel Oslo

grand.no

0

Grand Hotel Oslo is a historic and iconic hospitality business located in the heart of Oslo, Norway. It offers premium hotel accommodations, multiple restaurants and bars, event hosting facilities, and spa services. The hotel targets tourists, business travelers, and event organizers, positioning itself as a luxury and culturally significant venue. The website reflects a professional and consistent brand image with clear business information and trust indicators such as environmental certification and social media presence. Technically, the site uses modern JavaScript libraries and integrates Google Analytics and Tag Manager for tracking, hosted likely on Microsoft Azure infrastructure. However, a critical security gap exists as the website lacks HTTPS/SSL encryption, exposing visitors to potential risks. Privacy and cookie policies are present and GDPR compliant, but no explicit security or incident response policies are found. Overall, the website is functional and content-rich but requires urgent security improvements to protect user data and enhance trust.

T

Tetra Pak International S.A.

tetrapak.com

0

Tetra Pak International S.A. operates a comprehensive global website showcasing its leadership in food processing and packaging solutions. The company targets food and beverage industry professionals, offering a broad range of services including packaging, integrated equipment, product innovation, and digital automation. The website is well-structured, professionally designed, and optimized for SEO and accessibility, reflecting a mature digital presence. Technically, the site is built on Adobe Experience Manager and hosted on IBM PWS, leveraging modern web technologies and third-party tools for analytics and cookie consent. However, the security posture is weakened by an invalid SSL certificate and lack of TLS protocol support, which poses risks to data confidentiality and user trust. Privacy and cookie policies are present with consent mechanisms, indicating compliance with GDPR and related regulations. Contact information is primarily via web forms, with no direct emails or phone numbers publicly listed. Overall, the site demonstrates high business credibility and professionalism but requires urgent remediation of SSL and TLS issues to improve security and trust.

D

DuPont

dupont.com

0

DuPont is a globally recognized enterprise specializing in manufacturing essential innovations across multiple sectors including automotive, electronics, healthcare, and water management. The company leverages science and innovation to deliver products such as protective equipment, clean water solutions, and advanced materials. The website reflects a professional and consistent brand presence targeting industrial and commercial clients. Technically, the site is built on Adobe Experience Manager with modern JavaScript libraries and integrates analytics and marketing tools such as Adobe Launch and Pingdom. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, resulting in no HTTPS support, which significantly impacts the site's security posture. Privacy and cookie policies are well implemented, indicating good compliance with GDPR and related regulations. Overall, the site demonstrates strong business credibility but requires urgent security improvements.

Canto operates as a leading provider of digital asset management (DAM) solutions, offering a comprehensive SaaS platform designed to help businesses organize, edit, share, and analyze digital content efficiently. The company positions itself as an industry leader with a strong focus on enterprise customers, providing feature-rich tools that enhance content workflows and brand management. The website reflects a professional and consistent brand image with excellent content quality and user experience. Technically, the website is built using modern web technologies including Vue.js and is hosted on Netlify, indicating a contemporary and scalable infrastructure. The site demonstrates good SEO and mobile optimization practices, although performance metrics are not explicitly available. Accessibility is basic but present. The use of structured data and meta tags supports search engine visibility. From a security perspective, the site has several critical shortcomings. Despite having security headers like X-Content-Type-Options and X-Frame-Options, the absence of a valid SSL certificate and lack of HTTPS support severely undermine the security posture. No TLS protocols are enabled, and HSTS is not enforced, exposing users to potential risks. Privacy and cookie policies are comprehensive and GDPR compliant, but no explicit contact emails or phone numbers are provided, relying instead on contact forms. Overall, while the business and technical aspects of the website are strong, the critical lack of SSL/TLS encryption represents a significant risk that must be addressed promptly. Strategic recommendations include immediate SSL certificate installation, enabling modern TLS protocols, and enforcing HSTS to protect user data and maintain trust. Enhancing contact transparency and expanding security frameworks would further strengthen the company's security and compliance posture.

M

Mayr-Melnhof Holz Holding AG

mm-holz.com

0

Mayr-Melnhof Holz is a leading European manufacturer in the wood industry, specializing in engineered wood products such as glued laminated timber and cross-laminated timber. With a history spanning over 170 years, the company holds a strong market position and offers a comprehensive range of wood construction solutions. The website reflects a mature digital presence with detailed product information, references, and a multilingual interface targeting architects, planners, and industry professionals. Technically, the site is built on TYPO3 CMS and employs modern JavaScript libraries like Owl Carousel and Google Analytics for user tracking. However, the site suffers from slow load times and lacks a valid SSL certificate, which significantly impacts its security posture. The absence of HTTPS and modern TLS protocols is a critical vulnerability that needs immediate remediation. Security-wise, the company has implemented SPF records and avoids subdomain takeover risks, but the lack of DNSSEC, HSTS, and OCSP stapling reduces its overall security maturity. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism, aligning with GDPR requirements. Overall, the website is professional and content-rich but requires urgent security improvements, especially regarding SSL/TLS configuration, to enhance trust and protect user data.

P

Pave Commute

carployee.com

0

Pave Commute, formerly known as Carployee, is a technology company focused on promoting sustainable commuting behaviors within organizations. Their primary offering is a SaaS-based app that incentivizes and rewards employees for sustainable commuting, aiming to improve employee satisfaction and foster a positive company culture. The company targets HR leaders, sustainability managers, teams, and transportation managers, positioning itself as a key player in the transportation and sustainability sector. The website demonstrates a professional and consistent brand presence with clear business information and multiple contact channels. Technically, the website is built on WordPress with Elementor, utilizing modern web technologies such as jQuery and lazy loading for images. It is hosted behind Cloudflare, which provides CDN and security services. However, the site lacks a valid SSL certificate and does not support TLS, which is a significant security concern. Performance is currently slow, and while the site is mobile-optimized and accessible, improvements in security configurations are necessary. From a security perspective, the absence of HTTPS and TLS support is critical, exposing users to potential data interception risks. The site does implement some security headers and uses secure cookie flags, but lacks advanced protections like HSTS and OCSP stapling. Privacy compliance is strong, with comprehensive privacy and cookie policies and consent mechanisms in place. Contact information is readily available, enhancing business credibility. Overall, while the business and content quality are high, the security posture significantly lowers the risk profile. It is recommended that Pave Commute prioritize obtaining and configuring a valid SSL/TLS certificate and enhancing their security headers to protect user data and maintain trust. The company shows strong legitimacy and market positioning but must address these critical security issues to ensure safe and compliant operations.

S

Salzburger Nachrichten Medien GmbH & Co. KG

salzburg.com

0

Salzburger Nachrichten Medien GmbH & Co. KG operates a mature and well-established regional news website focused on Salzburg, Austria, and international news. The site offers a wide range of content including politics, economy, culture, sports, and local events, supported by various services such as job listings, real estate, e-paper, and podcasts. The company maintains a strong market position as a leading media provider in the region with a consistent and professional brand presence. Technically, the website is built on modern frameworks like Nuxt.js and Vue.js, leveraging GraphQL for data management. It uses Varnish caching and is hosted on Conova infrastructure. The site is well-optimized for mobile and SEO, with good accessibility features. However, the absence of a valid SSL/TLS certificate and HTTPS support is a critical security gap. From a security perspective, the website lacks HTTPS, HSTS, and other essential security headers, which significantly lowers its security posture. While no critical vulnerabilities or malware were detected, the lack of encryption exposes users to potential risks. Privacy policies and cookie consent mechanisms are in place, indicating compliance with GDPR requirements. Overall, the website is content-rich and professionally managed but requires urgent security improvements to protect user data and enhance trust. Strategic recommendations include implementing HTTPS, enabling security headers, and enhancing incident response capabilities.

W

wikifolio Financial Technologies AG

wikifolio.com

0

wikifolio Financial Technologies AG operates a sophisticated online investment platform focused on European stocks and social trading. The platform enables investors worldwide to access trading ideas, create virtual portfolios, and invest in wikifolio certificates listed on stock exchanges in Germany, Austria, and Switzerland. The company is well-positioned in the European finance sector with a medium-sized operation and a strong brand presence supported by partnerships and positive testimonials. Technically, the website leverages modern web technologies including React, Next.js, and Chakra UI, hosted on Azure infrastructure with CDN support for performance. The site is well-optimized for SEO, accessibility, and mobile responsiveness, providing a professional user experience. From a security perspective, the site currently lacks a valid SSL certificate and does not support modern TLS protocols, which is a critical vulnerability. Security headers are partially implemented but key features like HSTS and OCSP stapling are missing. Privacy compliance is strong with comprehensive policies and clear contact information, but incident response and security policy disclosures are absent. Overall, the website presents a trustworthy and professional business front but requires urgent improvements in SSL/TLS security to protect user data and maintain trust. Strategic recommendations include immediate SSL certificate installation, enabling TLS 1.2+, and enhancing security headers and incident response readiness.

SIGEL is a medium-sized manufacturing company specializing in innovative office equipment and smart procurement solutions tailored for modern, agile work environments. The company positions itself as a trusted partner for businesses seeking high-quality office products, supported by multiple international design awards and ISO certification. The website is professionally designed using Drupal 11, with strong SEO, accessibility, and multi-language support, reflecting a mature digital presence. However, the absence of a valid SSL certificate and HTTPS implementation significantly undermines the site's security posture. While security headers and cookie consent mechanisms are well implemented, the lack of incident response and vulnerability disclosure policies indicates room for improvement in security governance. Overall, the website is trustworthy and professional but requires urgent remediation of its SSL/TLS configuration to ensure secure user interactions.

P

Pankl SHW Industries AG

pankl.com

0

Pankl SHW Industries AG operates as a leading Austrian manufacturing group specializing in high-technology mechanical systems for niche markets including motorsport, luxury automotive, and aerospace. The company is majority-owned by Pierer Industrie AG and maintains a strong international presence with 21 locations and over 4,200 employees. Their product portfolio spans engine and turbo systems, drivetrain components, forged parts, aerospace components, and advanced powder metallurgy products. The website reflects a professional corporate identity with comprehensive content and clear navigation, targeting industrial clients and partners. Technically, the site is built on WordPress with modern plugins and frameworks, optimized for SEO and mobile use. However, the absence of a valid SSL certificate and HTTPS implementation significantly weakens the security posture, exposing users to potential risks. Privacy and cookie policies are well implemented, indicating GDPR compliance. The domain registration is mature and consistent with the business claims, enhancing trustworthiness. Strategic security improvements are recommended to elevate the site's protection and user trust.

S

Spanische Hofreitschule & Lipizzanergestüt Piber

srs.at

0

The website for Spanische Hofreitschule & Lipizzanergestüt Piber represents a well-established cultural institution in Austria focused on classical horse riding performances and heritage preservation. It offers rich content about its services, events, and visitor information, targeting tourists and cultural enthusiasts. The site uses modern CMS technology (Craft CMS) and integrates privacy-compliant analytics and cookie consent mechanisms. However, the lack of a valid SSL certificate and HTTPS severely impacts its security posture. While security headers are partially implemented, the absence of encryption exposes users to risks. The business information is clear and consistent with WHOIS data, supporting legitimacy. Overall, the site is professionally designed and user-friendly but requires urgent security improvements to protect visitors and enhance trust.

E

EVN

evn.at

0

EVN is a large Austrian energy provider specializing in electricity, gas, heating, water, photovoltaic solutions, and e-mobility services. The website targets private customers, businesses, agriculture, and municipalities, offering a comprehensive range of energy-related products and services. The company maintains a professional and consistent online presence with clear navigation and rich content. Technically, the site uses Kentico CMS, Cloudflare CDN, and integrates analytics tools like eTracker and Microsoft Application Insights. However, the security posture is weak due to the absence of a valid SSL certificate and disabled TLS protocols, which critically impacts secure communications. Privacy and cookie policies are present and GDPR compliant, with a consent mechanism implemented. Overall, the site is trustworthy and professional but requires urgent improvements in SSL/TLS configuration to ensure user security.

S

Svenska Cellulosa Aktiebolaget SCA (publ)

sca.com

0

SCA (Svenska Cellulosa Aktiebolaget) is a large enterprise operating primarily in the forestry, energy, and logistics sectors, with a strong focus on sustainability and renewable resources. The company manages Europe's largest private forest holdings and offers a comprehensive value chain including forest services, wood products, containerboard, renewable energy, pulp, and logistics. The website is professionally designed, content-rich, and well-structured, targeting stakeholders such as forest owners, investors, customers, and job seekers. Technically, the site uses modern JavaScript modules, SVG graphics, and is hosted behind Cloudflare, but lacks a valid SSL certificate, resulting in no HTTPS support which is a critical security concern. Privacy and cookie policies are present and indicate GDPR compliance, and the site uses Piwik PRO for analytics with moderate user tracking. The security posture is weak due to the absence of HTTPS and modern TLS protocols, no HSTS, and no OCSP stapling. Overall, the site is trustworthy and professional but requires urgent security improvements to protect user data and enhance trust.

I

IBT Connecting Energies GmbH

ibtgroup.at

0

IBT Connecting Energies GmbH is a medium-sized energy sector company specializing in high-efficiency cogeneration and trigeneration solutions for industrial clients. The company has a strong market position in Italy and Europe, supported by strategic partnerships with technology leaders such as Capstone Green Energy and Century Corporation. Their business model focuses on B2B energy efficiency projects, including consulting, implementation, maintenance, and investment services. The website reflects a professional digital presence with comprehensive content and clear navigation, targeting industrial customers seeking sustainable energy solutions. Technically, the site is built on WordPress with modern plugins and SEO tools, hosted likely on SiteGround. However, the lack of a valid SSL certificate and HTTPS implementation is a critical security gap. Privacy and cookie policies are well implemented and GDPR compliant, enhancing user trust. Social media integration and partner logos further strengthen credibility. Overall, the site demonstrates good digital maturity but requires urgent security improvements to protect user data and maintain trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 9 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

P

Polymer Competence Center Leoben GmbH

pccl.at

0

The Polymer Competence Center Leoben GmbH (PCCL) is a leading Austrian research institution specializing in polymer technology and polymer sciences. It collaborates closely with industry partners and academic institutions to deliver innovative R&D projects across sectors such as automotive, aerospace, packaging, and renewable energy. The website reflects a mature organization with a clear focus on cooperative research and sustainable polymer solutions. Technically, the site is built on Joomla CMS with a variety of extensions and frameworks, but suffers from critical security shortcomings, notably the absence of a valid SSL certificate and HTTPS support. This significantly impacts the security posture and user trust. Privacy and compliance documentation is well maintained, including GDPR-compliant privacy policies and incident reporting mechanisms. Overall, the site is professional and content-rich but requires urgent improvements in security infrastructure to align with best practices and user expectations.

Z

ZKW Group

zkw-group.com

0

ZKW Group is a leading global supplier specializing in innovative premium lighting systems and electronics for the automotive industry. The company positions itself as a strategic partner to automotive manufacturers worldwide, focusing on delivering advanced lighting solutions. The website reflects a professional corporate presence with multilingual support and strong branding aligned with its parent company, LG. Technically, the site is built on WordPress with modern plugins such as Elementor and Yoast SEO, hosted on WP Engine with Google Cloud infrastructure. However, a critical security gap exists due to the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly undermines the site's security posture. The site implements cookie consent mechanisms compliant with GDPR via Usercentrics, but lacks visible contact information and detailed security or incident response policies. Overall, while the business and technical maturity are solid, urgent remediation of SSL/TLS issues is necessary to ensure secure user interactions and maintain trust.

J

Jungheinrich AG

jungheinrich.com

0

Jungheinrich AG is a globally leading company in the intralogistics sector, headquartered in Hamburg, Germany. The company specializes in manufacturing industrial trucks, warehouse and material flow technology, and providing logistics services. The website reflects a mature enterprise with a strong market position and comprehensive service offerings targeting businesses requiring intralogistics solutions. Technically, the website employs modern web technologies including Vue.js, CoreMedia CMS, and integrates multiple marketing and analytics tools such as Google Tag Manager, Marketo, and Cookiebot. However, a critical security issue is present due to an invalid SSL certificate and lack of enabled TLS protocols, which significantly impacts the site's security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site is professionally designed, content-rich, and trustworthy but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.