Security Directory

Accenture's SAP Customer Experience website presents a comprehensive and professional digital presence showcasing their partnership with SAP and their extensive capabilities in delivering customer experience solutions. The site targets global enterprises seeking advanced SAP commerce and customer data management services. Technically, the site leverages Adobe Experience Manager, integrates multiple analytics and marketing tools, and is hosted on AWS CloudFront. However, a critical security concern is the invalid or missing SSL certificate and lack of modern TLS protocol support, which significantly impacts the security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site reflects a mature business with strong market positioning but requires urgent remediation of SSL and TLS issues to ensure secure user interactions.

E

EV Group (EVG)

evgroup.com

0

EV Group (EVG) is a well-established company specializing in semiconductor manufacturing equipment and process solutions, including wafer bonding, lithography, and metrology. The company targets semiconductor manufacturers and related industries, positioning itself as a leading supplier with a global presence. The website reflects a professional and comprehensive digital presence with multilingual support and detailed product and technology information. Technically, the site is built on TYPO3 CMS and uses modern tools like Cookiebot and Google Tag Manager, but lacks a valid SSL certificate, which is a significant security concern. Security headers are partially implemented, but the absence of HTTPS and TLS protocols severely impacts the security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the website is professional and credible but requires urgent security improvements to protect user data and maintain trust.

F

FH Technikum Wien

technikum-wien.at

0

FH Technikum Wien is Austria's only purely technical university of applied sciences, offering a broad and practice-oriented range of study programs. The institution holds a leading market position in Austria's technical education sector, evidenced by its top ranking in the Industriemagazin and multiple certifications including sustainability and quality management awards. The website reflects a mature digital presence built on modern technologies such as Next.js and React, with good SEO, accessibility, and user experience. However, the absence of a valid SSL certificate is a critical security gap that undermines trust and secure communications. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the institution demonstrates strong business credibility and digital maturity but must urgently address its SSL/TLS configuration to improve security posture.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

V

voestalpine AG

voestalpine.com

0

voestalpine AG is a globally leading steel and technology group with a strong market position in manufacturing and industrial sectors such as automotive, aerospace, energy, and railway systems. The company operates worldwide with a large enterprise footprint and emphasizes sustainability and innovation through initiatives like the greentec steel program. The website reflects a mature digital presence with multilingual support, comprehensive corporate and investor information, and active social media engagement. Technically, the site uses modern tools including Usercentrics for consent management and JW Player for media, hosted on AWS CloudFront CDN. However, a critical security weakness is the invalid or missing SSL certificate and lack of enabled TLS protocols, which significantly impacts the security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Contact information is clearly provided, though no direct company emails are visible. Overall, the site is professional and trustworthy but requires urgent SSL and TLS remediation to ensure secure user interactions.

W

WeAreDevelopers

wearedevelopers.com

0

WeAreDevelopers operates as Europe’s leading developer community platform, providing a comprehensive ecosystem for developers and companies to connect through job boards, events, and educational content. The platform hosts major events such as the WeAreDevelopers World Congress and offers extensive resources including tech talks and salary calculators. Their market position is strong within the European technology sector, targeting developers and tech companies with a large and active user base. Technically, the website is built on modern frameworks such as Nuxt.js and Vue.js, hosted via Cloudflare with Imgix for image delivery, and integrates video content hosted on Vimeo. The site demonstrates good design quality, mobile responsiveness, and SEO practices, although performance metrics are unavailable. Accessibility is basic but present. From a security perspective, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical vulnerability impacting user trust and data security. Other security headers are partially implemented but insufficient. Privacy and cookie policies are present and indicate GDPR compliance, supporting responsible data handling. Overall, the platform is professionally managed with strong business credibility and content quality but requires urgent improvements in security infrastructure to protect users and maintain trust. Strategic recommendations include immediate SSL deployment, enabling HTTPS, and enhancing security headers and practices.

M

MED-EL Medical Electronics

medel.com

0

MED-EL Medical Electronics is a mature and globally recognized healthcare company specializing in hearing implants and solutions. Their website provides comprehensive information about cochlear implants, middle ear implants, bone conduction systems, and related accessories, targeting individuals with hearing loss and healthcare professionals. The company maintains a strong market position as a leading hearing implant provider with a large operational scale and a well-established brand since 1996. The website content is professionally curated, with clear navigation and multilingual support, reflecting a high level of digital maturity.

G

Getzner Werkstoffe GmbH

getzner.com

0

Getzner Werkstoffe GmbH is a well-established company specializing in vibration isolation solutions for the railway, construction, and industrial sectors. With over 50 years of expertise, the company manufactures innovative polyurethane elastomers and elastic modules that reduce noise and vibrations, enhancing product longevity and application suitability. The website reflects a strong market position with comprehensive product and service information targeting construction professionals, urban developers, and industrial clients. Technically, the website employs modern tools such as Google Tag Manager and Matomo Analytics, indicating a mature digital infrastructure. However, the absence of a valid SSL/TLS certificate and minimal security headers represent significant security vulnerabilities. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Security posture is currently weak due to lack of HTTPS and related best practices, exposing users to potential risks. WHOIS data confirms the domain's legitimacy and long-term registration, supporting business credibility. Overall, the website is professional and content-rich but requires urgent security improvements to protect users and enhance trust.

T

Trayport Limited

visotech.at

0

Trayport Limited operates a comprehensive energy trading platform connecting traders, brokers, and exchanges globally, with a strong focus on power, gas, and carbon markets. Their flagship product, Joule, offers extensive market access and analytics, positioning them as a key player in the energy trading software sector. The website reflects a mature digital presence with rich content and clear navigation tailored to energy market participants. Technically, the site leverages modern web technologies including WordPress, Alpine.js, and Mapbox for interactive features, but lacks HTTPS support, which is a critical security shortfall. Security posture is weak due to the absence of SSL/TLS and security headers, exposing users to potential risks. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the business appears legitimate and professionally presented, but urgent improvements in security infrastructure are recommended.

N

NTS

nts.eu

0

NTS is a well-established IT services and solutions provider based in Austria, specializing in network infrastructure, security, data center, collaboration, cloud services, and artificial intelligence platforms. The company targets businesses and organizations seeking comprehensive digital transformation and managed services. Their market position is strong regionally with a broad portfolio of key services and a consistent brand presence. Technically, the website is built on WordPress with modern plugins and tracking tools, but suffers from critical security shortcomings due to the lack of a valid SSL certificate and disabled TLS protocols. Security headers are well implemented, but the absence of HTTPS significantly undermines the security posture. Privacy compliance is robust with clear cookie and privacy policies and consent mechanisms. Overall, the website is professional and content-rich, but the lack of HTTPS is a critical risk that must be addressed immediately.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

ams-OSRAM AG is a global leader in innovative light and sensor solutions, offering a broad portfolio including high-performance LEDs, lasers, mixed-signal analog ICs, and sensors tailored for automotive, industrial, medical, and consumer applications. The company positions itself as a technology innovator with a strong focus on quality and customer engagement, supported by comprehensive investor relations and sustainability initiatives. The website reflects a mature digital presence with modern frameworks and a professional design, targeting B2B customers and industry partners worldwide. However, the absence of a valid SSL certificate is a critical security gap that undermines trust and secure communications. Privacy compliance is well addressed with clear policies and consent management mechanisms. Overall, the company demonstrates strong business credibility and digital maturity but must urgently address its SSL/TLS configuration to enhance security posture.

S

STRABAG SE

strabag.com

0

STRABAG SE is a leading European construction and technology company specializing in infrastructure, building construction, and specialized construction sectors. The company emphasizes innovation, sustainability, and quality, positioning itself as a market leader with a comprehensive portfolio of services including road construction, civil engineering, and tunneling. The website content reflects a mature enterprise with a strong focus on ESG principles and investor relations, targeting investors, clients, and partners in the construction and infrastructure sectors. Technically, the website employs standard web technologies such as jQuery and custom JavaScript, hosted on Microsoft Azure with DNS managed via AWS. While the site is content-rich and well-structured with good SEO and mobile optimization, it suffers from critical security shortcomings, notably the absence of a valid SSL/TLS certificate and HTTPS support, which severely impacts its security posture. Security analysis reveals a lack of essential security headers, no DNSSEC or CAA records, and no advanced SSL features like OCSP stapling or session resumption. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism, but incident response and vulnerability disclosure policies are not evident. Overall, STRABAG SE's website demonstrates strong business credibility and content quality but requires urgent security improvements to protect user data and enhance trust. Strategic recommendations include implementing HTTPS, enabling security headers, and adopting DNS security measures to align with best practices.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

The website greiner-extrusion.at is currently inaccessible, displaying a 'This store is unavailable' error page with an HTTP 500 status code. The lack of any meaningful content, contact information, or business details severely limits the ability to assess the company's market position or services. The domain is registered through a reputable registrar and uses Google Domains nameservers, but no SSL certificate is installed, and HTTPS is not enabled, which is a critical security deficiency. Performance is extremely poor with a very slow load time and no page content delivered. No privacy or cookie policies are present, indicating non-compliance with GDPR and other privacy regulations. Overall, the site lacks professionalism and trustworthiness in its current state.

U

USound

usound.com

0

USound is a technology company specializing in MEMS speaker technology designed for integration into advanced audio devices such as TWS earbuds, headphones, AR/VR glasses, audio glasses, and hearing aids. The company positions itself as an innovator in the audio technology market, offering products with superior form factors, low power consumption, and high audio fidelity. Their website provides comprehensive product catalogs, technical documentation, and application insights targeting manufacturers and developers in the wearable and hearable device sectors. Technically, the website is built on WordPress with a modern tech stack including React, jQuery, and various plugins for enhanced user experience. However, the site lacks HTTPS, which is a critical security vulnerability. The security posture is basic with no advanced headers or SSL configuration, but no known vulnerabilities or exposed sensitive data were detected. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website is professional and trustworthy but requires urgent security improvements to enable HTTPS and enhance security headers.

Ö

Öresundskraft AB

oresundskraft.se

0

Öresundskraft AB is a well-established Swedish energy company with over 160 years of history, providing a broad range of energy and communication services including electricity, district heating, gas, fiber internet, solar cells, battery solutions, and electric vehicle charging. The company targets both private consumers and businesses, positioning itself as a regional leader in sustainable and renewable energy solutions. The website reflects a professional and comprehensive digital presence with clear navigation, rich content, and strong branding consistency. Technically, the site is built on ASP.NET MVC hosted on Microsoft Azure, utilizing modern marketing and analytics tools such as Usercentrics CMP, Weglot for translations, Google Tag Manager, and Microsoft Application Insights. Accessibility and mobile optimization are well addressed. However, a critical security weakness is the absence of a valid SSL/TLS certificate, resulting in no HTTPS support, which significantly undermines user security and trust. Privacy compliance is strong with clear GDPR and cookie policies and consent mechanisms. Business credibility is high with transparent contact information and active social media engagement. Strategic recommendations include immediate implementation of HTTPS, enhancement of security headers, and publication of security policies and incident response information to improve overall security posture and trust.

S

Staticus

staticus.com

0

Staticus is a well-established full-service façade engineering company specializing in the design, production, installation, and maintenance of unitised façade solutions primarily serving the Northern Europe market. With over 18 years of domain maturity and a large market presence, the company positions itself as one of the largest façade contractors in the region, targeting architects, construction firms, and real estate developers. Their business model emphasizes sustainability and collaborative project delivery. Technically, the website is built on WordPress with common plugins such as Yoast SEO and WP Rocket, and integrates marketing and analytics tools like Google Tag Manager, Facebook Pixel, and MailerLite. However, the site suffers from slow load times and lacks modern security configurations, notably missing HTTPS support and security headers, which significantly impacts its security posture. From a security perspective, the absence of SSL/TLS encryption is a critical vulnerability, exposing users to potential data interception risks. While privacy policies and cookie consent mechanisms are properly implemented, the lack of incident response contacts and vulnerability disclosure policies indicates room for improvement in security governance. Overall, Staticus presents a professional and credible business front with strong content and branding, but urgent security enhancements are necessary to protect user data and improve trustworthiness. Strategic recommendations include immediate SSL deployment, security header implementation, and performance optimization to align with best practices and compliance requirements.

The website stroeck.at currently serves minimal content, consisting solely of a warning message advising users to use HTTPS instead of HTTP for security reasons. There is no visible business information, metadata, or interactive elements such as forms or contact details. The domain is registered through A1 Telekom Austria AG, a reputable registrar and hosting provider in Austria, indicating legitimacy of the domain ownership. However, the lack of SSL/TLS certificate and absence of HTTPS severely undermines the site's security posture. Technically, the website lacks modern security configurations including TLS protocols, security headers, and HSTS. No analytics, advertising, or tracking technologies are detected, suggesting a very basic or placeholder site. Performance data is unavailable due to minimal content. The absence of privacy, cookie, or terms of service policies indicates non-compliance with GDPR and other privacy regulations. From a security perspective, the site is at high risk due to the lack of encryption and security best practices. This exposes visitors to potential interception and undermines trust. The domain registration is consistent and legitimate, but the website itself does not provide sufficient information or security assurances to users. Overall, the site scores very low on content quality, technical implementation, security posture, and privacy compliance. Immediate actions are recommended to implement HTTPS, add security headers, and provide essential business and privacy information to improve trust and compliance.

The website frau.se is a minimal placeholder site that uses a frameset to redirect visitors to an external Tumblr blog (fraublog.tumblr.com). There is no substantive content, metadata, or business information on the site itself. The domain is mature, registered since 2009, and hosted by Loopia AB in Sweden, but the website lacks modern web security practices, including HTTPS encryption and security headers. No privacy or cookie policies are present, and no contact or business details are provided, which significantly limits trust and credibility. The technical infrastructure is basic, running on PHP 8.1.30 with nginx, but without SSL/TLS or performance optimizations. Overall, the site appears underdeveloped or abandoned, serving primarily as a redirect.

D

DP+ (now part of Fusion92)

duffeypetrosky.com

0

DP+ is a marketing and innovation company recently acquired by Fusion92, positioning itself as a Midwest marketing innovation powerhouse. The website serves primarily as a landing page to announce this acquisition and redirect visitors to Fusion92's main site for further information. The business targets organizations seeking marketing and brand innovation services, operating within the media sector. The site branding is consistent and professional, reflecting the parent company's identity. Technically, the website is built using modern frameworks such as Next.js and React, hosted on Vercel, indicating a contemporary digital infrastructure. However, performance data is missing, and the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security shortfall. Mobile optimization is good, but accessibility and SEO optimizations are basic. From a security perspective, the absence of a valid SSL certificate and TLS protocols severely impacts the security posture. While some security headers are present, critical best practices like OCSP stapling, session resumption, and comprehensive HSTS policies are missing. No privacy or cookie policies are actively presented on the landing page, and no contact or incident response information is available, limiting compliance and user trust. Overall, the website presents moderate business credibility but suffers from critical security issues that must be addressed urgently. Strategic improvements in SSL deployment, privacy compliance, and contact transparency are recommended to enhance trust and security.

S

Schrack Seconet AG

schrack-seconet.com

0

Schrack Seconet AG is a well-established international high-tech company based in Austria, specializing in fire protection, healthcare communication systems, and security solutions. The company has a strong market position supported by decades of experience and a broad portfolio of products and services including fire alarm systems, healthcare communication, and lifecycle support. Their website reflects a professional and consistent brand image targeting authorities, specialists, and healthcare providers. Technically, the website is built on TYPO3 CMS, uses Apache server, and integrates modern analytics and cookie consent tools. However, the site suffers from a critical security weakness due to the absence of a valid SSL certificate and disabled TLS protocols, which significantly impacts its security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the website is content-rich, user-friendly, and trustworthy but requires urgent security improvements to protect user data and maintain credibility.

S

SKS365

sks365.com

0

SKS365 is a medium-sized, Italy-based omnichannel sports betting and gaming operator, positioned as a leading player in the Italian market. The company offers a broad range of betting and gaming services including sports betting, virtual sports, and online casino games. The website reflects a professional corporate presence with consistent branding and a focus on compliance and responsible gaming. Technically, the site is built on WordPress and hosted on Microsoft Azure, utilizing common web technologies such as jQuery and Google Tag Manager. However, the site lacks a valid SSL certificate, which severely impacts its security posture and user trust. Privacy compliance is partially addressed with a comprehensive privacy policy, but cookie consent mechanisms are missing. No direct contact information such as emails or phone numbers are visible, which may affect user engagement and trust. Overall, the site is functional but requires significant security improvements to meet modern standards.

G

Gerot Lannach

gl-pharma.at

0

GL Pharma, operating under the legal name Gerot Lannach, is a medium-sized healthcare company based in Austria specializing in the development, production, and marketing of branded pharmaceuticals and generics. The company targets healthcare professionals including doctors, pharmacists, and wholesalers, positioning itself as a reputable provider in both Austrian and international markets. The website reflects a professional digital presence with multilingual support and structured data enhancing SEO and user experience. However, the absence of a valid SSL certificate and HTTPS implementation represents a critical security gap that undermines user trust and data protection. The site employs common WordPress technologies and integrates cookie consent mechanisms compliant with GDPR, indicating a reasonable level of privacy awareness. Overall, the business demonstrates solid market positioning but requires urgent improvements in security infrastructure to align with best practices.

M

MCI | Die Unternehmerische Hochschule®

mci.edu

0

The Management Center Innsbruck (MCI) is a well-established entrepreneurial university located in Austria, offering a broad range of academic programs including Bachelor, Master, and Executive Education degrees. The institution emphasizes internationality, academic quality, and practical relevance, serving students, professionals, and corporate partners. The website reflects a strong brand presence with comprehensive content, testimonials from notable figures, and active social media engagement. Technically, the site is built on Joomla CMS with modern frontend technologies but suffers from critical security shortcomings, notably the absence of a valid SSL certificate and HTTPS support, which undermines user trust and data security. Security headers are partially implemented, and DNS configurations show some misconfigurations such as malformed CAA records. Privacy compliance is moderate with a clear privacy policy but lacking cookie consent mechanisms. Overall, the site is professional and content-rich but requires urgent security improvements to meet modern standards.

Pilz GmbH & Co. KG operates an international website focused on providing comprehensive automation technology solutions, emphasizing safety and industrial security. The company targets industrial automation professionals and machine builders, offering components, systems, and services to ensure safe automation worldwide. The website is professionally designed with clear navigation and multilingual support, reflecting a strong market position in manufacturing and technology sectors. Technically, the site uses modern JavaScript frameworks, Google Tag Manager, and Cookiebot for consent management, but suffers from critical SSL/TLS misconfigurations that undermine its security posture. Security headers are well implemented, but the lack of a valid SSL certificate and disabled TLS protocols significantly reduce the site's security score. Privacy compliance is robust, with clear privacy and cookie policies and consent mechanisms in place. Business credibility is high, supported by detailed contact information, social media presence, and consistent branding. Overall, the site is functional and professional but requires urgent remediation of its SSL/TLS issues to improve security and trust.

Confidex is a mature and reputable company specializing in RFID, NFC, and BLE solutions for industries, logistics, and mobility sectors. Recently acquired by Beontag, a global leader in graphic and label materials and RFID technology, Confidex strengthens its global presence and service localization. The website reflects a professional and comprehensive digital presence with strong branding and relevant content targeting industrial and supply chain customers. Technically, the site uses modern frameworks like Next.js and React, hosted on AWS CloudFront, with good SEO and accessibility practices. However, the lack of a valid SSL certificate and HTTPS support is a critical security gap that significantly impacts the overall security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. The domain registration data confirms the legitimacy and maturity of the business. Strategic improvements in SSL/TLS configuration and incident response readiness are recommended to enhance trust and security.

V

VDEL

vdel.com

0

VDEL is an established software company founded in 1993, specializing in customized software solutions including document and process management, blockchain, big data, and AI. The company operates internationally with subsidiaries in Belgrade and Katowice and serves businesses seeking integrated IT solutions. Their business model includes distribution and multilingual support, leveraging partnerships such as Software United. Technically, the website uses Bitrix CMS with common web technologies and Google Tag Manager for analytics. However, the absence of a valid SSL certificate and lack of privacy and cookie policies indicate significant security and compliance gaps. The security posture is weak due to missing HTTPS and security policies, exposing users to risks. Overall, the website is functional and professional but requires urgent improvements in security and privacy compliance to enhance trust and protect user data.

R

Regionalmedien Austria AG

regionalmedien.at

0

Regionalmedien Austria AG is a leading Austrian regional media company with a broad portfolio of digital and print products, including well-known brands such as MeinBezirk.at and BezirksBlätter. The company focuses on local and regional news coverage, serving communities across all Austrian states. Their business model centers on media publishing and advertising services, positioning themselves as innovation drivers in the regional media market. The website reflects a mature digital presence with professional design, structured data, and comprehensive content tailored to their target audience of regional readers and businesses. Technically, the site is built on WordPress with modern plugins like Yoast SEO and Cookiebot, but lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security shortfall. Security posture is basic with no advanced headers or incident response information. Privacy compliance is good, with clear privacy and cookie policies and consent mechanisms. Overall, the site is trustworthy and professional but requires urgent security improvements to meet modern standards.

S

Stadt Wien – Wiener Wohnen Kundenservice GmbH

wrwks.at

0

Stadt Wien – Wiener Wohnen Kundenservice GmbH is a municipal service provider based in Vienna, Austria, focused on delivering social and sustainable solutions within the city's organizational network. The company has evolved from a small marketing and call service agency into a medium-sized enterprise offering comprehensive construction and communication services. Their ISO 9001:2015 certification underscores their commitment to quality and customer satisfaction. Technically, the website is built on WordPress with modern JavaScript frameworks and plugins, providing good accessibility and SEO optimization. However, the lack of a valid SSL certificate and proper HTTPS configuration significantly undermines the site's security posture. Security headers are partially implemented, but critical TLS protocols and certificate transparency are missing. Privacy compliance is well addressed with a comprehensive privacy and cookie policy, including consent mechanisms. Overall, the business credibility is strong with clear contact information and trust indicators. Strategic improvements in SSL/TLS deployment and security policy transparency are recommended to enhance trust and security.

The website tmk-group.com is currently inaccessible beyond a browser checking page implemented by a DDoS protection service (ddos-guard). This prevents access to any substantive business content, metadata, or contact information. The domain is registered and has DNS records configured with multiple mail servers, but no SSL/TLS certificate is valid, and the site is served over HTTP only. The lack of HTTPS and security headers indicates a weak security posture. No privacy or cookie policies are present, and no contact or business information is accessible. Overall, the site appears to be protected behind a security mechanism that blocks direct content access, limiting the ability to perform a full analysis.

A

APK Group | Together we create smart and sustainable cities

apk.be

0

Security assessment completed with an overall score of 0/100 (unknown risk). 4 critical issues require immediate attention. Total of 27 security findings identified across all modules.

A

Alturos

alturos.com

0

Alturos is a digital platform provider specializing in integrated solutions for the tourism and transportation sectors, including mountain railways, shipping companies, and airlines. Their flagship product, Destination OS, offers a comprehensive 360° solution for digital marketing, sales, communication, and guest entertainment. The company has a strong market presence with over 150 customers and numerous integrations with sales and marketing systems. Technically, the website is built on WordPress with modern frameworks like UIkit and uses performance optimizations such as WP Rocket. However, the absence of a valid SSL certificate and lack of HTTPS significantly weaken the security posture. While privacy and cookie policies are present and GDPR compliant, no explicit security or incident response policies are found. Overall, the site is professional and trustworthy but requires urgent security improvements.

Reckitt Benckiser Group PLC operates a global portfolio of trusted hygiene, health, and nutrition brands, serving millions of consumers worldwide. The company emphasizes scientific expertise and consumer understanding to deliver products that improve lives, with a strong market position supported by well-known brands such as Dettol, Lysol, and Durex. The website reflects a mature digital presence built on modern technologies like React and Gatsby, with good SEO and accessibility practices. However, a critical security gap exists as the site lacks HTTPS, exposing users to potential risks. Privacy and cookie policies are well implemented, indicating compliance with GDPR and other regulations. Overall, Reckitt's online presence is professional and credible but requires urgent security improvements to protect user data and maintain trust.

Glashütte Original is a prestigious German luxury watch manufacturer with a rich history dating back to 1845. The company operates under the Swatch Group umbrella and offers a range of technically sophisticated and iconic watch collections targeting discerning luxury consumers globally. The website reflects a mature digital presence with multilingual support, comprehensive product and brand information, and integrated e-commerce and customer service functionalities. Technically, the site is built on WordPress with WooCommerce and leverages modern JavaScript libraries and tracking technologies. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which undermines user trust and data security. Privacy and cookie policies are well implemented with consent mechanisms, aligning with GDPR requirements. Overall, the business demonstrates strong credibility and branding but must urgently address its SSL/TLS configuration to improve security posture and user confidence.

N

Nameshift.com

unterweger.eu

0

The website unterweger.eu is a domain sales and transfer service platform operated in partnership with Nameshift.com, a domain escrow and marketplace service. The business model focuses on providing a secure and simple way for buyers to purchase domain names with escrow protection, free assistance, and VAT invoicing. The target audience includes individuals and businesses seeking domain ownership with minimal risk. The website is built using modern web technologies such as SvelteKit and is hosted on a CDN associated with Nameshift.com. However, performance metrics are not available, and the site shows basic content quality with limited interactive elements. From a security perspective, the website lacks a valid SSL certificate and does not support HTTPS, which is a critical vulnerability impacting user trust and data security. Although some security headers are present, the absence of TLS protocols and HSTS reduces the overall security posture significantly. No privacy or cookie policies are published, indicating poor privacy compliance. Contact information is limited to a physical address in the Netherlands, with no emails or phone numbers provided, which may affect user confidence. Overall, the website demonstrates a basic level of technical implementation and business credibility but suffers from critical security and privacy compliance gaps. Strategic improvements in SSL/TLS deployment, privacy policy publication, and contact transparency are essential to enhance trust and security. The domain registration data aligns well with the business claims, showing consistency and legitimacy without privacy protection, which is appropriate for this type of service.

The United Nations Industrial Development Organization (UNIDO) is a well-established intergovernmental organization focused on promoting industrial development for sustainable economic growth and poverty reduction. The organization operates globally with a strong presence in Austria, where it is headquartered. UNIDO's key services include technical cooperation, policy advice, capacity building, and implementation of industrial development programs. The website represents a critical digital asset for UNIDO's communication and outreach efforts. Technically, the website is hosted behind Cloudflare, which provides security and performance services. However, the current website content is inaccessible due to a Cloudflare security challenge page requiring JavaScript and cookies, preventing full content analysis. The SSL/TLS configuration is critically flawed with no valid certificate detected, disabling HTTPS and exposing the site to security risks. Performance metrics are unavailable due to blocked content, and no modern web frameworks or CMS are identifiable from the limited HTML. From a security perspective, while several security headers are implemented, the lack of HTTPS and invalid SSL certificate significantly degrade the security posture. There is no evidence of privacy policies, cookie consent mechanisms, or incident response contacts on the accessible page. WHOIS data is consistent and trustworthy, showing a mature domain registered to UNIDO with no privacy protection, reinforcing the legitimacy of the domain. Overall, the website currently suffers from critical accessibility and security issues that limit its effectiveness and trustworthiness. Strategic improvements in SSL/TLS deployment, content accessibility, and privacy compliance are essential to enhance the organization's digital presence and security posture.

A

Anton Paar

anton-paar.com

0

Anton Paar is a globally recognized manufacturer of high-quality analytical and measuring instruments serving research and industrial sectors. The company holds a strong market position as a leader in density, concentration, CO2 measurement, and rheometry. Their website reflects a mature digital presence built on TYPO3 CMS, featuring comprehensive product information, regional office contacts, and support services. However, the absence of a valid SSL certificate and HTTPS implementation significantly weakens their security posture, exposing users to potential risks. The site employs modern analytics and marketing tools with appropriate privacy and cookie consent mechanisms, demonstrating good compliance with GDPR and user privacy standards. Strategic improvements in SSL/TLS deployment and security headers would enhance trust and security.

E

Evon Technologies

evontech.com

0

Evon Technologies Pvt. Ltd. is a well-established software development company based in India, with over 17 years of experience serving a global clientele. The company offers a broad range of services including custom web and app development, AI and machine learning solutions, cloud consulting, ERP/CRM implementations, and staff augmentation. Their market position is strengthened by certifications such as CMMI Level 5 and ISO 27001:2022, and a diverse client portfolio featuring technology heavyweights and startups. Technically, the website is built on Joomla CMS, hosted likely on AWS infrastructure, and integrates modern marketing and analytics tools. However, the website lacks a valid SSL certificate and HTTPS support, which is a critical security gap. Privacy and cookie policies are present with consent mechanisms, supporting basic GDPR compliance. Contact information is comprehensive and accessible via multiple channels.

T

Thommen Medical AG

thommenmedical.com

0

Thommen Medical AG is a Swiss-based manufacturer specializing in dental implantology products with over 35 years of clinical experience. The company offers a comprehensive range of dental implants, prosthetics, instruments, and digital workflow products, targeting dental professionals and patients globally. Their market position is strong within the healthcare manufacturing sector, emphasizing Swiss precision and innovation. The website is professionally designed, content-rich, and well-structured, supporting their business model of manufacturing and distribution alongside educational services and scientific collaboration. Technically, the site is built on TYPO3 CMS with modern frontend technologies and integrates multiple analytics and marketing tools. However, a critical security weakness exists due to the absence of a valid SSL certificate and proper HTTPS configuration, which significantly impacts the site's security posture. Privacy policies and cookie consent mechanisms are present and GDPR compliant, enhancing user trust. Contact information is comprehensive and clearly presented, supporting business credibility. Overall, the site demonstrates high professionalism and trustworthiness but requires urgent remediation of its SSL/TLS configuration to ensure secure user interactions.

S

SHT Haustechnik GmbH

sht-gruppe.at

0

SHT Haustechnik GmbH is a leading Austrian wholesaler specializing in sanitary, heating, installation, and electrical products, serving primarily professional installers and industry partners. The company operates a comprehensive digital presence including a WordPress-based website, an online shop (sht.at), and regional offices across Austria, positioning itself as the market leader in the haustechnik sector. The website content is well-structured, professionally designed, and includes customer testimonials and partner logos, reinforcing trust and credibility. Technically, the site uses a modern WordPress stack with PHP 8.1 and React components, but lacks a valid SSL certificate and HTTPS support, which is a critical security deficiency. Privacy compliance is addressed with a cookie consent mechanism and clear privacy and terms of service pages. However, the absence of HTTPS and security headers significantly undermines the security posture. Strategic recommendations include immediate SSL deployment, enabling modern TLS protocols, and enhancing security headers and policies to protect user data and improve trust.

N

Newrest

newrest.eu

0

Newrest is a global leader in multi-sector catering and out-of-home food service solutions, operating in 53 countries with a workforce exceeding 60,000 employees. The company offers a broad range of services including inflight catering, rail catering, remote site management, concessions, and retail services, targeting corporate clients in transportation, energy, and retail sectors. The website is professionally designed, multilingual, and provides comprehensive business and CSR information, reflecting a mature global enterprise. Technically, the site is built on WordPress with modern plugins for SEO, multilingual support, and privacy compliance, but suffers from a critical lack of HTTPS and valid SSL certificates, severely impacting security posture. Privacy compliance is well addressed with clear policies and a consent manager. The security headers are partially implemented, but the absence of TLS protocols and HSTS reduces the site's security effectiveness. Overall, the site is trustworthy and professional but requires urgent security improvements to protect user data and maintain business credibility.

A

AVL List GmbH

avl.com

0

AVL List GmbH is a globally recognized leader in mobility technology, specializing in development, simulation, and testing solutions primarily for the automotive industry. The company offers a broad portfolio of engineering, simulation, and testing services, with a strong emphasis on sustainable and innovative mobility solutions such as hydrogen engines, hybrid powertrains, and fuel cells. Their market position is that of a mature, enterprise-level technology provider with a significant global presence and a history spanning over 28 years. Technically, the website is built on Drupal 10 with modern JavaScript libraries and includes Cookiebot for consent management. However, the site suffers from a critical security shortfall due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts its security posture. Performance is also a concern, with a notably slow page load time and a large page size. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR compliance indicators. Business credibility is strong, supported by detailed corporate information, consistent branding, and multiple trust signals. Overall, while the business and content quality are excellent, the lack of HTTPS and slow performance are key vulnerabilities that should be addressed promptly.

L

When it has to be right | Leica Geosystems

leica-geosystems.com

0

Security assessment completed with an overall score of 0/100 (unknown risk). 3 critical issues require immediate attention. Total of 20 security findings identified across all modules.

The website valleys-wordworks.com is currently a parked domain with no substantive business content or services presented. It primarily serves advertising placeholders and domain parking scripts, lacking any clear business description, contact information, or user engagement features. The technical infrastructure is minimal, hosted on Hetzner Online with a Caddy web server, but critically lacks a valid SSL/TLS certificate, resulting in no HTTPS support and poor security posture. The absence of privacy and cookie policies, as well as the lack of GDPR compliance indicators, further diminishes the site's trustworthiness and compliance standing. Overall, the site appears inactive or unused for legitimate business purposes, representing a low risk but also low value presence on the internet.

The website nufarm.com is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) blocking page, which prevents access to any substantive content. Nufarm is a well-established global agricultural chemical company with a mature domain registered since 1997. The domain registration details are consistent and indicate a legitimate business entity. However, the lack of a valid SSL/TLS certificate and the presence of a blocking WAF page severely limit the ability to assess the website's content, privacy, and security posture comprehensively. The technical infrastructure relies on Cloudflare for DNS and security services, but the absence of HTTPS and other modern security configurations is a critical vulnerability. Overall, the website's security posture is weak due to missing SSL and blocking mechanisms, and privacy compliance cannot be verified. Strategic improvements in SSL deployment and content accessibility are essential.

ERGO Versicherung Aktiengesellschaft operates the website das.at, providing legal protection insurance products under the D.A.S. Rechtsschutz brand in Austria. The company is a market leader with a strong reputation, offering services to private individuals, self-employed, and businesses. The website is professionally designed, content-rich, and targets Austrian customers with comprehensive insurance solutions and customer support channels. Technically, the site is built on TYPO3 CMS with modern web technologies and integrates multiple marketing and analytics tools. However, the absence of a valid SSL certificate and HTTPS support significantly weakens the security posture. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. WHOIS data confirms the domain's legitimacy and alignment with the ERGO group. Overall, the website is credible and professional but requires urgent security improvements to protect user data and trust.

H

Heartbeats Innovation & Communication

weareheartbeats.com

0

Heartbeats Innovation & Communication is a small professional service agency based in Vienna, Austria, specializing in responsible business communication and innovation. The company offers services such as impact communication, workshops, mentoring, event design, and content marketing, targeting organizations seeking to create value responsibly. The website is built on the Wix platform, leveraging modern web technologies including React 18 and Wix-specific widgets for video, galleries, and chat. While the site presents professional content and clear contact information, it suffers from a critical security issue due to the absence of a valid SSL certificate and HTTPS support, which significantly undermines user trust and data security. Privacy and cookie policies are present but basic, and no explicit security or incident response policies are found. Overall, the site is functional and moderately optimized but requires urgent security improvements.

W

Wolf Theiss – Leading Lawyers in CEE/SEE

wolftheiss.com

0

Wolf Theiss is a leading law firm specializing in Central, Eastern, and South-Eastern Europe, with over 400 lawyers across 13 countries. The firm offers comprehensive legal services spanning arbitration, banking, capital markets, intellectual property, and more, targeting international clients and businesses operating in the CEE/SEE region. The website reflects a mature, professional organization with strong branding, extensive content, and a focus on accessibility and compliance. Technically, the site is built on WordPress with modern SEO and accessibility plugins, but suffers from a critical security issue due to the absence of a valid SSL certificate and HTTPS support. Security headers are well configured, but the lack of TLS protocols and valid certificates significantly lowers the security posture. Privacy and cookie policies are comprehensive and GDPR compliant, with a consent mechanism in place. Overall, the site is trustworthy and professional but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

Zurich Insurance Group operates as a global insurance provider primarily in the finance sector, offering insurance and risk management services. The domain zurich.com is mature and strongly protected, reflecting the company's established market presence. However, the website content is currently inaccessible due to Incapsula WAF security mechanisms, and no valid SSL certificate is configured, resulting in no HTTPS support. This severely limits the ability to assess the website's content, privacy policies, and user engagement features. The technical infrastructure shows hosting via Incapsula, but lacks modern TLS protocols and security headers, indicating a need for significant security improvements. Overall, the website's security posture is weak due to missing SSL and blocked content, and privacy compliance cannot be verified. Strategic recommendations include implementing a valid SSL certificate, enabling modern TLS protocols, configuring security headers, and ensuring privacy and cookie policies are accessible to users.