Security Directory

T

Transped Europe GmbH

transped.at

0

Transped Europe GmbH is a medium-sized Austrian transportation and logistics company specializing in European haulage and intermodal freight transportation since 1983. The company positions itself as a specialist in European road haulage, targeting logistics customers and transport partners across Europe. The website reflects a professional business with clear navigation and relevant content focused on their core services. Technically, the site uses a custom ASP.NET backend with common frontend libraries such as jQuery and Bootstrap, but lacks modern security implementations such as HTTPS and security headers, which significantly impacts its security posture. The absence of a valid SSL certificate and missing security headers expose the site to potential risks and reduce trustworthiness. Privacy compliance is basic, with a privacy policy and cookie consent mechanism present, but no explicit data protection officer or incident response information is found. Overall, the website is functional and informative but requires urgent security improvements to protect user data and enhance trust.

D

DACHSER

dachser.com

0

DACHSER is a well-established global logistics provider with a strong market position and comprehensive service offerings across multiple transport and warehouse networks. The website reflects a mature digital presence with multilingual support, rich content, and clear corporate governance and compliance information. Technically, the site uses modern tracking and consent management technologies but suffers from critical SSL certificate issues that undermine its security posture. Security headers and policies are well implemented, but the lack of valid HTTPS and modern TLS protocols is a significant risk. Overall, the site is professional and trustworthy but requires urgent remediation of SSL and TLS configurations to ensure secure user interactions and maintain compliance. Strategic recommendations include fixing SSL certificates, enabling modern TLS, and enhancing security mechanisms such as OCSP stapling and session resumption.

W

W.D. Matthews Machinery Co.

wdmatthews.com

0

W.D. Matthews Machinery Co. is a well-established heavy equipment dealer operating primarily in New England, with a history dating back to 1939. The company specializes in new and used forklifts, heavy machinery, warehousing supplies, rentals, parts, and service. It maintains strong partnerships with reputable brands such as Toyota, Manitou, Clark, and Bobcat, positioning itself as a leading regional provider in the transportation and industrial equipment sector. The website reflects a professional business model focused on equipment sales, rentals, and maintenance services targeting commercial and industrial clients in the region. Technically, the website is built on WordPress with WooCommerce and utilizes modern web technologies including Gravity Forms for data collection and Google Tag Manager for analytics. Hosting is provided by WP Engine with Cloudflare CDN for content delivery. While the site is mobile-optimized and well-structured with good SEO practices, performance data is incomplete, and some accessibility features are basic. The site lacks a valid SSL certificate, which is a critical security gap. From a security perspective, the absence of HTTPS and modern TLS protocols significantly reduces the site's security posture. No advanced security headers or mechanisms such as HSTS or OCSP stapling are implemented. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism or terms of service page detected. Contact information is clearly provided, enhancing business credibility. Overall, the site presents a moderate risk profile due to the lack of HTTPS and limited privacy compliance. Strategic improvements in security configuration and privacy practices are recommended to enhance trust and protect user data. The business itself appears legitimate and well-positioned in its market, but the website's security shortcomings could impact user confidence and compliance with regulations.

S

Spring GDS

spring-gds.com

0

Spring GDS is an established international delivery company specializing in cross-border e-commerce shipping solutions since 2001. Positioned as part of the PostNL group, it offers a comprehensive suite of services including global shipping, returns, customs clearance, and integrations tailored for online businesses. The company emphasizes sustainability and holds an EcoVadis certification, reinforcing its commitment to environmental responsibility. The website targets businesses seeking efficient international logistics with a focus on last-mile delivery expertise. Technically, the website employs modern web technologies such as Google Tag Manager and Sentry for analytics and error monitoring, and is hosted behind Akamai CDN. However, performance is impacted by slow DNS resolution and the absence of a valid SSL certificate, which critically undermines the security posture. The site is mobile-optimized with excellent design and navigation, supporting a positive user experience. Security analysis reveals significant weaknesses: no valid SSL/TLS certificate is deployed, no TLS protocols are enabled, and critical security features like OCSP stapling and session resumption are missing. While security headers are present, the lack of HTTPS severely limits the site's trustworthiness and exposes users to risks. Privacy compliance is good with clear policies and GDPR adherence, but incident response and vulnerability disclosure mechanisms are not publicly documented. Overall, Spring GDS presents a credible and professional business with strong market positioning and comprehensive service offerings. The primary risk lies in its deficient SSL configuration, which should be urgently addressed to protect customer data and maintain trust. Strategic improvements in security infrastructure will enhance the company’s digital maturity and safeguard its reputation.

E

evofenedex

evofenedex.nl

0

Evofenedex is a well-established Dutch association focused on trade and logistics, serving over 10,000 members with knowledge, advice, products, and services related to goods transport, import/export, and storage. The website reflects a mature organization with a clear business model centered on membership benefits and industry support. Technically, the site employs modern JavaScript frameworks such as React and uses Google Tag Manager and Visual Website Optimizer for analytics and marketing. However, the site suffers from critical security shortcomings, notably the absence of a valid SSL certificate and HTTPS support, which severely impacts its security posture. Privacy compliance is weak, with no visible privacy or cookie policies, although cookie consent is denied by default via the consent management setup. Overall, the site is functional and professionally designed but requires urgent security and compliance improvements.

P

Post AG

post.at

0

Post AG operates as Austria's leading postal and logistics service provider, offering a comprehensive range of services including letter mail transport, parcel shipping, business mailing solutions, and online postal services. The company targets both general consumers and business clients within Austria, maintaining a strong market position supported by a professional and content-rich website. The digital infrastructure leverages modern technologies such as React and Sitecore CMS, with integrated analytics and marketing tools like Matomo and Jentis Tag Manager, reflecting a mature digital presence. However, the website's security posture is weakened by the absence of a valid SSL certificate and disabled TLS protocols, which poses significant risks to data confidentiality and user trust. Despite this, the site maintains good privacy compliance with clear policies and consent mechanisms, and offers comprehensive contact options and official social media channels. Strategic improvements in SSL/TLS implementation and security header enforcement are critical to enhance overall security and trustworthiness.

Deutsche Lufthansa AG operates a comprehensive airline website offering flight booking and travel management services to a global audience. The site reflects Lufthansa's position as a leading international airline with a broad network and premium service offerings. The technical infrastructure leverages modern web technologies including Adobe Helix, Maui Design System, and Akamai CDN, ensuring a responsive and accessible user experience. While the website is rich in content and professionally designed, the SSL certificate is currently invalid, which poses a security risk. Security headers are well implemented, but the absence of a cookie consent mechanism indicates partial privacy compliance. Overall, the site demonstrates a mature digital presence with room for improvement in security and privacy practices.

L

lbase

lbase.software

0

lbase is a specialized business unit of Axians, providing advanced logistics software solutions such as transport management systems (TMS) and warehouse management systems (WMS). Leveraging AI, algorithms, and eco-partnerships, lbase aims to optimize supply chain processes for efficiency and flexibility. The company is well-positioned in the European logistics market with a mature domain and strong parent company backing from VINCI Energies. The website reflects a professional and comprehensive digital presence with clear business information and compliance with GDPR and cookie regulations. Technically, the site uses WordPress with modern plugins and analytics tools, though performance could be improved. Security posture is strong with HTTPS, HSTS, SPF, and DMARC properly configured, but could benefit from enabling DNSSEC and OCSP stapling. Overall, lbase demonstrates a mature, trustworthy, and compliant online presence suitable for its B2B logistics software market.

The website wilsonsons.com.br is currently inaccessible due to a 403 Forbidden error, indicating restricted access or blocking at the server or security layer. This prevents extraction of any meaningful content, metadata, or business information from the site itself. The domain is registered and uses professional DNS and email infrastructure, including Amazon AWS name servers and Google MX servers, suggesting a legitimate and established business presence in Brazil, likely in the transportation sector. The SSL certificate is valid and supports modern TLS protocols, but lacks advanced security features such as HSTS and OCSP stapling. No privacy, cookie, or terms of service policies are detectable on the root page, and no contact information or social media links are present in the accessible content. Overall, the site’s security posture is basic but could be improved with additional headers and DNS security measures. Due to the blocked content, the overall risk assessment is limited and the AI scoring is low, reflecting the inability to fully evaluate the site’s content and compliance.

F

Forster

forster.at

0

Forster is an established Austrian company founded in 1956, specializing in manufacturing and providing solutions in transportation technology, shelving systems, noise protection, advertising technology, signage, and industrial printing. The company operates internationally with multiple related domains and maintains a strong market presence with high-quality standards. The website is built on TYPO3 CMS with Bootstrap framework and uses Matomo for analytics, indicating a modern but somewhat traditional technical infrastructure. However, the absence of a valid SSL certificate and HTTPS severely impacts the security posture, exposing the site to risks and reducing trustworthiness. Privacy compliance is well addressed with GDPR-compliant policies and cookie consent mechanisms. Overall, the site presents a professional image but requires urgent security improvements to protect user data and enhance trust.

CEVA Logistics is a leading global supply chain management and freight company offering a broad range of logistics services including air, ocean, ground, contract logistics, and customs brokerage. The company operates worldwide with a large workforce and is part of the CMA CGM Group. The website demonstrates a mature digital presence with comprehensive content, multiple language support, and active news and career sections. Technically, the site uses modern frameworks like Nuxt.js and Vue.js and is hosted behind Cloudflare, but critically lacks a valid SSL certificate and proper HTTPS configuration, which severely impacts its security posture. Security headers are well implemented, but the absence of TLS protocols and session resumption reduces security effectiveness. Privacy compliance is good with clear privacy and cookie policies and consent mechanisms. Overall, the site is professional and trustworthy from a business perspective but requires urgent security improvements to protect user data and maintain trust.

P

Plasser & Theurer

plassertheurer.com

0

Plasser & Theurer is a well-established Austrian company specializing in the development, construction, and export of railway track maintenance machinery with over 60 years of industry presence. The company serves railway infrastructure operators and maintenance professionals globally, supported by a broad network of subsidiaries and partners. Their website reflects a professional and comprehensive digital presence, showcasing their products, services, and international reach. Technically, the website is built on TYPO3 CMS and uses modern JavaScript libraries such as Swiper.js for UI components and Matomo for analytics. However, the site suffers from critical security shortcomings, notably the absence of a valid SSL certificate and HTTPS support, which severely impacts the security posture and user trust. Performance is slow, and no advanced security headers or domain protection mechanisms are in place. Security-wise, the lack of HTTPS and security headers exposes visitors to risks, and the absence of cookie consent mechanisms raises compliance concerns under GDPR. The WHOIS data confirms a mature and consistent domain registration aligned with the company's identity, enhancing legitimacy. Overall, while the business and content quality are strong, the security and privacy compliance gaps present significant risks. Strategic recommendations include immediate implementation of HTTPS, security headers, and cookie consent mechanisms, alongside enhancing domain security configurations. These steps will improve trust, compliance, and overall security posture, supporting the company's reputable market position.

W

Wilhelm Schwarzmüller GmbH

schwarzmueller.com

0

Wilhelm Schwarzmüller GmbH operates as one of Europe's largest providers of towed commercial vehicles, specializing in manufacturing and servicing premium transport solutions tailored to various industries such as construction, logistics, and tank transport. The company maintains a strong market position with a broad portfolio of over 150 vehicle types and a commitment to quality, evidenced by ISO certifications and industry awards. Their digital presence is robust, featuring multilingual support, active social media channels, and comprehensive customer service offerings including telematics and rental services. Technically, the website is built on WordPress with modern frameworks and SEO optimizations, although it lacks HTTPS encryption, which is a significant security concern. The security posture is weak due to the absence of SSL/TLS, HSTS, and other critical security headers, exposing users to potential risks. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the business credibility is high, supported by consistent branding, detailed contact information, and trust signals. Strategic improvements in security infrastructure are essential to enhance trust and protect user data.

D

Danube Shipping Management Service GmbH

dsms.at

0

Danube Shipping Management Service GmbH is a medium-sized logistics and shipping management company based in Vienna, Austria, established in 1991. The company ranks among the top 50 logistics providers in Austria and offers key services including transport, agency, and port management. Their business model focuses on providing comprehensive logistics solutions to industrial clients such as Voestalpine and HBIS. The website reflects a professional business presence with clear branding and relevant content targeted at business customers in the transportation sector. Technically, the website is built on WordPress and uses common web technologies such as jQuery, Google Analytics, and Yoast SEO for optimization. However, the site suffers from slow load times and lacks modern security configurations. The absence of a valid SSL certificate and HTTPS support is a critical vulnerability, exposing users to potential data interception risks. The site also lacks cookie consent mechanisms and comprehensive privacy compliance features, which may pose regulatory risks under GDPR. From a security perspective, the website has significant weaknesses including no HTTPS, no security headers, and no incident response or vulnerability disclosure information. While the company holds recognized certifications such as ISO 9001:2015 and FIATA, the digital security posture is weak and requires urgent improvements to protect business and customer data. Overall, the website demonstrates moderate business credibility and content quality but is hindered by poor security practices and compliance gaps. Strategic recommendations include immediate SSL implementation, enhanced privacy compliance, and adoption of security best practices to improve trust and reduce risk.

O

Oskar Schmidt GmbH

schmidtauto.at

0

Autohaus Schmidt, officially Oskar Schmidt GmbH, is a well-established automobile dealership and service provider based in Salzburg, Austria, with a history dating back to 1928. The company operates multiple locations and offers a wide range of services including new and used car sales, vehicle rental, servicing, repairs, and financing. Their market position is strong within the regional transportation sector, supported by authorized partnerships with major car brands such as Ford, Volvo, Peugeot, and Citroën. The website reflects a professional and consistent brand image targeting car buyers and service customers in Salzburg and surrounding areas. Technically, the website uses modern JavaScript, AWS CloudFront CDN, and Google Tag Manager for analytics and marketing. However, it lacks HTTPS, which is a critical security deficiency. The site includes cookie consent mechanisms and privacy policies compliant with GDPR, indicating a good level of privacy awareness. Performance data is unavailable, but the site appears mobile-optimized and SEO-friendly. From a security perspective, the absence of SSL/TLS encryption severely impacts the site's security posture, exposing users to potential risks. Other security headers and best practices are partially implemented but overshadowed by the lack of HTTPS. No incident response or vulnerability disclosure policies are present. The domain registration data aligns well with the business claims, enhancing trustworthiness. Overall, while the business and website demonstrate professionalism and good content quality, the critical lack of HTTPS significantly lowers the security score and overall risk profile. Strategic improvements in security infrastructure are essential to protect users and maintain trust.

R

Rail Cargo Group

railcargo.com

0

Rail Cargo Group is a well-established rail logistics provider operating primarily in Europe and Asia, offering a broad range of freight and logistics services including wagon loads, intermodal and multimodal logistics, and railway operations. The company targets businesses requiring efficient rail freight solutions and maintains a strong market position supported by its parent company ÖBB. Technically, the website employs modern JavaScript libraries and custom corporate scripts, with a focus on accessibility and SEO, though performance data is unavailable. Security posture is weakened by the absence of a valid SSL certificate and disabled TLS protocols, despite good security header implementation. Privacy compliance is supported by a comprehensive privacy policy and GDPR adherence, with Matomo analytics used for privacy-conscious tracking. Overall, the site is professional and trustworthy but requires urgent SSL/TLS remediation to improve security and user trust.

B

Bombardier

bombardier.com

0

Bombardier is a mature enterprise specializing in the design, manufacture, and maintenance of ultra-long-range business jets and specialized defense aircraft. The company targets discerning individuals, businesses, and governments globally, maintaining a strong market position with a comprehensive portfolio of aircraft and support services. The website reflects a high level of professionalism, rich multimedia content, and consistent branding aligned with Bombardier's industry stature. Technically, the site leverages Drupal CMS, modern JavaScript frameworks, and monitoring tools like New Relic, but suffers from slow load times and lacks a valid SSL certificate, which critically impacts security posture. Privacy and cookie policies are comprehensive and GDPR compliant, with consent mechanisms in place. However, the absence of HTTPS and security headers presents significant vulnerabilities. Overall, the domain registration is consistent with the business history, reinforcing legitimacy. Strategic improvements in SSL deployment and security configurations are essential to enhance trust and compliance.

F

F/LIST

f-list.at

0

F/LIST is a well-established Austrian family business specializing in luxury interior outfitting for business jets, private jets, and high-end living spaces such as hotels. The company emphasizes craftsmanship, innovation, and premium materials, positioning itself as a global leader in the luxury interiors market. The website reflects a professional and consistent brand image with multilingual support and rich content tailored to its affluent target audience. Technically, the site is built on WordPress with modern plugins and libraries, hosted on Hostinger with LiteSpeed server technology. However, the security posture is weakened by the absence of a valid SSL certificate and lack of modern TLS protocol support, which critically impacts secure communications. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and a clear privacy policy. Contact information is transparent and includes multiple channels, enhancing business credibility. Overall, the site is functional and professional but requires urgent security improvements to meet modern standards.

B

BMTS Technology

bmts-technology.com

0

BMTS Technology is a medium-sized, globally active Tier 1 automotive supplier specializing in powertrain and clean mobility technologies including turbochargers, electric turbo systems, heat pump compressors, and fuel cell boosters. The company targets automotive manufacturers and suppliers focused on new energy vehicles and autonomous driving technologies. The website is built on WordPress with a modern tech stack including PHP 8.2 and popular plugins for SEO and multilingual support. However, the site lacks a valid SSL certificate, resulting in no HTTPS, which is a critical security vulnerability. Security headers and advanced security practices are minimal. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Contact information is primarily via a contact form with no direct emails or phone numbers visible. Overall, the site presents professional content and branding but requires urgent security improvements to protect user data and enhance trust.

P

Pacific National

pacificnational.com.au

0

Pacific National is Australia's largest private rail freight operator, providing comprehensive rail logistics services across the country. The company emphasizes safety, customer service, and operational excellence, serving a broad range of industries with extensive rail assets including locomotives and wagons. Their market position is strong as a trusted logistics partner with a large customer base and national presence. Technically, the website is built on WordPress hosted on WP Engine with Cloudflare CDN, utilizing common web technologies such as jQuery, Bootstrap, and Owl Carousel. The site is moderately optimized for performance and mobile responsiveness, with good SEO practices and structured data implemented for enhanced search visibility. From a security perspective, the site currently lacks a valid SSL certificate and does not support HTTPS, which is a critical vulnerability. Security headers are minimal, and advanced protections like HSTS and OCSP stapling are not enabled. While some security best practices like HttpOnly and Secure cookie flags are set, the overall security posture is weak and requires urgent improvement. Overall, the website is professional and content-rich but suffers from significant security shortcomings that impact user trust and compliance. Strategic improvements in SSL/TLS deployment and privacy compliance mechanisms are recommended to enhance security and regulatory adherence.

T

TECHNOMA Technology Consulting & Marketing GmbH

technoma.at

0

TECHNOMA Technology Consulting & Marketing GmbH is an Austrian consulting company specializing in environmentally friendly mobility solutions, particularly in rail and electromobility sectors. Established in 1995, it serves an international clientele with services including e-bus consulting, management systems, procurement, authorizations management, research projects, and system engineering. The company maintains a professional online presence with a well-structured website showcasing its services and client partnerships. Technically, the website is built on WordPress with common plugins and libraries, but lacks HTTPS, which is a critical security shortfall. The absence of SSL/TLS encryption exposes users to potential data interception risks. Privacy compliance is partially addressed with a cookie consent banner and a privacy policy page, though the latter is in German and may limit accessibility for international users. Overall, the website demonstrates good business credibility but requires urgent security enhancements to protect user data and improve trust.

The website flyniki.com serves as an informational portal for NIKI Luftfahrt GmbH, a defunct airline that ceased operations in December 2017. The site primarily informs visitors about the suspension of flight services and directs affected passengers to their travel agencies and an external insolvency information page. The business focus was on passenger air transportation, but the airline is no longer operational. Technically, the website is minimalistic, running on an Apache server with no modern web technologies or CMS detected. The site lacks HTTPS, exposing visitors to security risks. There are no privacy or cookie policies, no contact information, and no forms, indicating limited digital maturity and user engagement capabilities. Security posture is weak due to the absence of SSL/TLS, security headers, and DNS security features. Overall, the site reflects a legacy presence rather than an active business platform.

F

Fuhrparkverband Austria

fuhrparkverband.at

0

Fuhrparkverband Austria (FVA) is a specialized Austrian platform dedicated to fleet management information and networking. It serves as an independent voice and competence partner for fleet operators, companies, and policymakers in Austria. The organization offers membership-based services including events, seminars, newsletters, and surveys to foster knowledge exchange and professionalization in corporate mobility management. The website reflects a medium-sized organization with a clear focus on the transportation sector and a strong presence in Austria. Technically, the site is built on WordPress with modern plugins and SEO tools, but lacks HTTPS, which is a critical security gap. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. The site integrates Google Analytics and Mailchimp for marketing and analytics purposes. Social media presence is robust across major platforms. Overall, the site is professional and content-rich but requires urgent security improvements to enable HTTPS and modern TLS protocols.

W

Wittur Group

wittur.com

0

Wittur Group operates as a leading global supplier of elevator components, offering a broad portfolio including doors, cars, drives, safety devices, and modernization solutions. The company targets elevator manufacturers, suppliers, and service providers, positioning itself as a trusted B2B partner in the transportation sector. Their website reflects a mature digital presence with comprehensive product information, customer service tools, and compliance documentation. Technically, the site uses a modern tech stack including jQuery, Bootstrap, and analytics platforms like Google Analytics and Matomo. However, the absence of a valid SSL certificate and lack of security headers represent significant security weaknesses that could impact user trust and data protection. Privacy compliance is well addressed with clear cookie consent mechanisms and GDPR-aligned policies. Overall, the website is professional and content-rich but requires urgent security improvements to meet industry best practices.

T

TachoEASY GmbH

tachoeasy.com

0

TachoEASY GmbH is a medium-sized Austrian company specializing in telematics and tachograph data archiving software solutions for the transportation and logistics sector. With nearly two decades of market presence, it offers products such as tacholog² and BlueLOGICO® targeting fleet operators and transport companies. The website is built on Joomla CMS with modern UIkit framework and integrates various third-party services including Calendly and friendly-challenge captcha for user interaction. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, representing a critical security vulnerability. Security headers are partially implemented but key protections like HSTS and DNSSEC are missing. The company provides comprehensive privacy and cookie policies with a consent mechanism, reflecting good GDPR compliance. Contact information is clearly presented with multiple channels including phone, email, and contact forms. Overall, the website is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

W

Webasto Group

webasto.com

0

Webasto Group is a mature, enterprise-level global automotive supplier specializing in innovative roof systems, battery solutions, heating, and cooling products. The company is positioned among the top 100 automotive suppliers worldwide, serving automotive manufacturers and end customers with a broad portfolio of products and services. The website is professionally designed, leveraging modern technologies such as Adobe Experience Manager and React, providing a rich user experience with clear navigation and relevant content. However, a critical security issue is the lack of a valid SSL certificate, resulting in no HTTPS enforcement, which significantly impacts the security posture. Privacy and cookie policies are present, indicating awareness of compliance requirements, but the absence of a cookie consent mechanism and security policy pages suggests room for improvement in privacy compliance and transparency. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the business.

A

AMES - Aerospace and Mechanical Engineering Services

ames.aero

0

AMES - Aerospace and Mechanical Engineering Services is a mature Austrian company specializing in aerospace engineering, certification, production, maintenance, CAMO, consulting, and training services. With a domain age of 17 years and multiple aerospace certifications, AMES positions itself as a reliable service provider in the aerospace transportation sector. The website reflects a professional business model targeting aerospace industry professionals and companies requiring specialized engineering and certification services. The company maintains a consistent brand presence with clear contact information and social media engagement. Technically, the website employs a variety of established JavaScript libraries and frameworks such as jQuery, Bootstrap, and Owl Carousel, indicating a moderate level of digital maturity. However, the site lacks HTTPS encryption and modern security configurations, which significantly impacts its security posture. Performance is rated slow due to missing SSL and potential optimization gaps, though mobile responsiveness and navigation clarity are good. Security evaluation reveals critical vulnerabilities including the absence of SSL/TLS, no HSTS, no DNSSEC, and missing security headers. These gaps expose the site to potential interception and downgrade attacks. The domain's imminent expiry in 11 days adds operational risk. Privacy compliance is minimal, with basic privacy and terms documents available but no cookie consent or incident response contacts. Overall, AMES demonstrates solid business credibility and content quality but requires urgent security improvements to protect its digital assets and customer trust. Strategic recommendations include immediate SSL implementation, enhanced domain protection, and adoption of security best practices to elevate the security score and compliance posture.

BMW USA operates as the official US branch of BMW AG, providing a comprehensive digital platform for luxury vehicle sales, including new, pre-owned, electric, and hybrid models. The website offers rich content, detailed vehicle information, and multiple customer engagement tools such as build-your-own configurators, dealer locators, and financial services. The brand maintains a strong market position as a premium automotive manufacturer with a focus on innovation and customer experience. Technically, the site leverages Adobe Experience Manager, modern JavaScript modules, and integrates various analytics and marketing tools, reflecting a mature digital infrastructure. Security measures are partially implemented with secure cookies and some security headers, but the SSL certificate is invalid or missing, which is a critical issue. Privacy policies and cookie consent mechanisms are present and comprehensive, supporting GDPR compliance. Overall, the website is professional and trustworthy but requires improvements in SSL configuration and security headers to enhance its security posture.

P

Porsche Inter Auto

porschewiennord.at

0

Porsche Inter Auto is a prominent automotive dealership network in Austria, representing multiple Volkswagen Group brands including VW, Audi, Porsche, ŠKODA, SEAT, and CUPRA. The company offers a comprehensive range of services including new and used car sales, vehicle servicing, financing, and accessories. Their market position is strong within the Austrian automotive retail sector, supported by a large network of dealer locations and a high volume of customer reviews indicating strong customer satisfaction. Technically, the website is built on the Plone CMS platform using Python and Zope, with Cloudflare providing hosting and CDN services. The site integrates modern web technologies such as Google Tag Manager, OneTrust for cookie consent, Leaflet and Google Maps for location services, and Swiper for interactive content. The site is well-structured, mobile-optimized, and includes rich content and structured data for SEO. From a security perspective, the site currently lacks a valid SSL certificate and does not support HTTPS, which is a critical vulnerability. Other security headers like HSTS are missing, and no advanced SSL/TLS features are enabled. However, the site does implement some security headers such as X-Frame-Options and uses Cloudflare for some level of protection. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place. Overall, the site is professionally designed and content-rich but requires urgent security improvements to enable HTTPS and strengthen SSL/TLS configurations. Addressing these issues will significantly enhance user trust and compliance with modern security standards.

BMW Group Careers website serves as a global recruitment portal for the BMW Group, a leading enterprise in the automotive transportation sector. The site offers extensive information about career opportunities worldwide, highlighting the company's commitment to innovation in autonomous driving, e-mobility, and AI. The website is well-branded, professionally designed, and targets job seekers globally with a focus on technology and automotive professionals. Technically, the site is built on Adobe Experience Manager and uses Akamai CDN and Google Maps API, reflecting a mature digital infrastructure. However, a critical security gap exists as the site lacks HTTPS, exposing users to potential risks. Privacy and cookie policies are comprehensive and GDPR compliant, with consent mechanisms in place. The absence of direct contact emails or phone numbers is noted, but social media channels are official and active. Overall, the site demonstrates strong business credibility but requires urgent security improvements to protect user data and maintain trust.

faigle Kunststoffe GmbH is a medium-sized, family-owned company specializing in thermoplastic plastic solutions for industrial sectors such as transportation, intralogistics, public transport, and manufacturing. The company offers a range of products including machined finished parts, holding loops, plastic rollers, and semi-finished products, supported by an online shop. The business is positioned as an innovative and quality-focused player with international subsidiaries and recognized certifications like the Red Dot Design Award and Creditreform creditworthiness certificate. Technically, the website uses nginx, Google Tag Manager, and Matomo Analytics, but lacks a valid SSL certificate, resulting in insecure HTTP access and weak security posture. Privacy policies and cookie consent mechanisms are comprehensive and GDPR compliant. The website is well-structured, mobile-optimized, and professionally branded, though performance is slow and accessibility is basic. Security headers are partially implemented but critical SSL/TLS deficiencies significantly reduce the security score. Overall, the domain registration is consistent and legitimate, matching the business claims.

E

Econsult

econsult.at

0

Econsult is a small Austrian logistics consulting firm specializing in production logistics, supply chain design, transport economics, system and warehouse planning, process management, and public projects. The website targets businesses seeking expert logistics consulting services and presents a professional, content-rich presence primarily in German with English alternatives. The technical infrastructure is based on Joomla CMS with PHP 8 and hosted by Austria Web Hosting. However, the site lacks HTTPS, exposing visitors to significant security risks. Basic security headers are present, but critical SSL/TLS configurations are missing. Privacy compliance is minimal with no cookie consent mechanism despite Google Analytics tracking. Contact information is limited to an obfuscated email address, with no phone or physical address visible. Social media presence includes LinkedIn and Xing profiles.

The Doppelmayr Group website for the Automated People Mover system presents a business focused on transportation solutions, specifically cable liner automated people movers designed to manage high visitor flows efficiently. The company appears to be a large, established entity in the transportation sector based in Austria, with a consistent brand presence and clear business focus. The website content is basic but includes well-structured SEO metadata and social sharing tags, indicating some digital marketing maturity. Technically, the site uses modern frameworks such as Nuxt.js and WordPress CMS, hosted behind Cloudflare CDN. However, the absence of a valid SSL certificate and lack of HTTPS severely undermine the security posture. Performance metrics are unavailable, but the presence of many prefetch and preload scripts suggests an attempt at optimization, though the lack of HTTPS is a critical flaw. Mobile optimization and accessibility are basic, with room for improvement. Security analysis reveals significant vulnerabilities: no SSL/TLS encryption, no HSTS, no DMARC, DNSSEC, or CAA records, and no security.txt or vulnerability disclosure policies. Tracking and advertising scripts are present without accompanying privacy or cookie policies, indicating poor privacy compliance. No contact or incident response information is provided, limiting transparency and trust. Overall, the website's risk profile is elevated due to missing HTTPS and privacy compliance gaps. Strategic improvements in security infrastructure, privacy policies, and contact transparency are recommended to enhance trust and compliance.

Post Office Limited operates a comprehensive UK-wide network providing postal, financial, travel, insurance, and identity services. The website reflects a mature digital presence with extensive service offerings and strong brand consistency. The company leverages multiple external partners for financial and travel services, integrating them seamlessly into their platform. Technically, the site uses Magnolia CMS, Akamai CDN, and common JavaScript libraries like jQuery, ensuring a robust infrastructure. However, the SSL/TLS configuration is critically flawed with an invalid certificate and no enabled TLS protocols, exposing users to security risks. Additionally, a subdomain takeover vulnerability exists on api.postoffice.co.uk, which could be exploited if not remediated. Privacy and cookie policies are comprehensive and GDPR compliant, supporting strong privacy practices. Overall, the site is professional and trustworthy but requires urgent security improvements to protect user data and maintain trust.

E

EDITORIAL. LOGÍSTICA .LA

logistica.la

0

EDITORIAL. LOGÍSTICA .LA is a specialized editorial platform focused on logistics and supply chain management in Latin America, providing professional content, industry insights, and resources primarily in Spanish. The website is hosted on WordPress.com, leveraging WordPress CMS and related technologies such as Jetpack and Gutenberg. The site targets professionals, academics, and students interested in logistics and SCM, with a small but engaged subscriber base. Technically, the site uses modern web technologies but suffers from a critical lack of valid SSL/TLS configuration, exposing users to potential security risks. Privacy compliance is basic, with cookie consent implemented but no explicit privacy policy or terms of service found. The domain is mature and well-protected, registered with GoDaddy, supporting the site's legitimacy. Overall, the site offers valuable content but requires urgent security improvements to protect visitors and enhance trust.

F

Fercam S.p.A.

fercam.com

0

FERCAM S.p.A. is a well-established logistics and transport company with over 75 years of experience, offering a broad range of services including road, air, and ocean freight, integrated logistics, customs consulting, and specialized transport services. The company operates primarily in Europe with presence in Asia and Africa, targeting businesses requiring comprehensive supply chain solutions. The website demonstrates a good level of digital maturity with multi-language support, structured navigation, and integration of modern analytics and marketing tools. However, the absence of HTTPS and a valid SSL certificate significantly weakens the security posture, exposing users to potential risks. Privacy and cookie policies are present and supported by consent mechanisms, indicating compliance with GDPR standards. Overall, the site is professional and trustworthy but requires urgent security improvements.

B

Bridgestone Americas, Inc.

bridgestoneamericas.com

0

Bridgestone Americas, Inc. is a leading enterprise in the transportation sector specializing in tire manufacturing and sustainable mobility solutions. Founded in 1931 and operating as a subsidiary of Bridgestone Corporation, the company maintains a strong market position with a comprehensive digital presence. The website reflects a professional and consistent brand image, targeting both consumers and business clients with detailed corporate information and resources. Technically, the site leverages modern frameworks such as Adobe Experience Manager and Vuetify, supported by a robust hosting infrastructure on AWS. However, a critical security gap exists due to an invalid or missing SSL certificate, severely impacting the site's security posture. Privacy compliance is well addressed with clear policies and cookie consent mechanisms. Overall, the site is trustworthy and professionally maintained but requires urgent remediation of its SSL configuration to ensure secure user interactions.

A

AXIS Flight Training Systems GmbH

axis-simulation.com

0

AXIS Flight Training Systems GmbH is a medium-sized Austrian company specializing in the design and manufacture of advanced flight simulation solutions, including full flight simulators and training devices that comply with international aviation standards such as EASA, FAA, and ICAO. Founded in 2004, AXIS positions itself as an innovator in the flight simulation industry, emphasizing quality, efficiency, and responsiveness to customer needs. The company maintains ISO 9001-2015 certification and has committed to CO2 neutrality since 2021, reflecting corporate responsibility values. Technically, the website is built on WordPress with Elementor and integrates various plugins for event management, galleries, and cookie consent. The site uses Google Analytics and Google Ads for analytics and marketing, with a compliant cookie consent mechanism in place. However, the website lacks a valid SSL certificate and HTTPS support, which is a critical security vulnerability. The DNS configuration shows some malformed CAA records, and no modern TLS protocols are enabled, exposing the site to potential security risks. Security posture is weak due to the absence of HTTPS and related security headers, although no active vulnerabilities or malware were detected. Privacy compliance is strong, with clear privacy and cookie policies and user consent mechanisms. Business credibility is high, supported by detailed company information, social media presence, and trust indicators such as certifications and CO2 neutrality. Overall, the website is professional and content-rich but requires urgent security improvements, particularly SSL/TLS implementation, to protect user data and enhance trustworthiness.

G

Gruppo Codognotto

codognotto.eu

0

Gruppo Codognotto is a well-established logistics and freight transport company based in Italy, offering integrated logistics services including sea, air, and road transport, customs handling, and warehousing. The company operates a large fleet across multiple countries and holds recognized ISO certifications, positioning itself as a reliable third-party logistics provider in the European and international markets. The website reflects a professional business presence with clear service offerings and relevant content for its target audience. Technically, the site runs on Drupal 7 with common web technologies like jQuery and Bootstrap, but suffers from outdated CMS usage and lacks a valid SSL certificate, which significantly impacts its security posture. Security headers are partially implemented, but the absence of HTTPS and modern TLS protocols exposes users to risks. Privacy and cookie policies exist but are basic, with limited GDPR compliance indicators. Contact information is available via email and forms, but no phone numbers or physical addresses are explicitly provided. Overall, the website demonstrates moderate digital maturity but requires urgent security improvements to protect user data and enhance trust.

Genuine Parts Company is a well-established global leader in the distribution of automotive and industrial replacement parts, founded in 1928. The company operates extensively across North America, Europe, and Australasia with a large workforce and numerous locations. Their business model focuses on providing quality parts and value-added solutions through a network of subsidiaries and partner brands such as NAPA and Motion. The website reflects a mature corporate presence with investor relations, sustainability reporting, and career opportunities prominently featured. Technically, the site is built on WordPress with common libraries and frameworks, and is hosted behind Cloudflare. However, the lack of a valid SSL certificate and HTTPS implementation is a critical security gap that undermines user trust and data protection. Privacy compliance is addressed through a OneTrust cookie consent mechanism and a comprehensive privacy policy, but no explicit terms of service or security policies are found. Overall, the site is professional and content-rich but requires urgent security improvements to meet modern standards.

A

AirBerlin PLC & Co. Luftverkehrs KG

airberlin.com

0

The website for airberlin.com currently serves as a minimal placeholder 'Coming Soon' page referencing insolvency information for AirBerlin PLC & Co. Luftverkehrs KG, a former airline company. The site lacks substantive business content, contact information, and user engagement features, reflecting the company's insolvency status and inactive operations. Technically, the site uses Tailwind CSS for styling and is hosted on Hetzner infrastructure, but suffers from poor performance with a high load time and lacks modern web optimizations. Critically, the site does not have a valid SSL certificate and is served over HTTP only, exposing users to security risks. No privacy, cookie, or terms of service policies are present, and no contact or social media links are provided, limiting transparency and user trust. Overall, the website's security posture is weak, with no HTTPS, no security headers, and no advanced DNS security features enabled.

R

Rosenfelt & West Engineering A/S

rwe.dk

0

Rosenfelt & West Engineering A/S is a Danish engineering company specializing in railway safety systems, including automatic secured level crossings and marshalling yard safety installations. The company offers comprehensive services such as equipment renovation, training courses, and career opportunities within the railway safety sector. Their market position is supported by certifications in environmental management, quality management, and railway safety standards, reflecting a commitment to reliability and compliance. Technically, the website is built on WordPress with common plugins and hosted on a LiteSpeed server, but lacks a valid SSL certificate, which is a significant security concern. The absence of HTTPS and related security headers exposes the site and its visitors to potential risks. Privacy compliance is partial, with a privacy policy present but no cookie policy or consent mechanism detected. Contact information is limited to a phone number and contact page link, with no email addresses or social media profiles found. Overall, the website is professional and content-rich but requires urgent security improvements to protect users and enhance trust.

Stellantis NV operates a comprehensive global website representing one of the world's largest automotive groups with a portfolio of 14 iconic brands and mobility services. The site targets industry stakeholders, investors, customers, and the general public, providing rich content including press releases, investor relations, sustainability initiatives, and innovation highlights. The technical infrastructure leverages Adobe Experience Manager CMS, modern JavaScript libraries like jQuery, and performance monitoring tools such as Boomerang, hosted on Microsoft Azure with Akamai CDN integration. While the website demonstrates excellent design quality, mobile optimization, and SEO practices, it critically lacks a valid SSL certificate and HTTPS support, severely impacting its security posture. Security headers are partially implemented but insufficient without TLS encryption. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Business credibility is strong with consistent branding and comprehensive content. Overall, the site scores moderately due to the critical absence of HTTPS, which should be prioritized to protect user data and maintain trust.

A

AirPlus

airplus.com

0

AirPlus operates as a global enterprise specializing in corporate travel payment and expense management solutions. The company targets business travelers and corporate clients worldwide, offering localized website versions for multiple countries and languages. The business model focuses on B2B services within the transportation sector, positioning AirPlus as an established player in the corporate travel payment industry. Technically, the website is hosted on an Apache server with Akamai CDN support, utilizing JavaScript and Bootstrap frameworks for frontend presentation. While the site offers multilingual support and country-specific content, performance metrics are not provided, and the site shows basic mobile optimization and accessibility features. The technical stack is modern but lacks advanced CMS or platform indicators. From a security perspective, the website lacks a valid SSL certificate and does not enable any TLS protocols, which is a critical vulnerability. Although several security headers are present, some important protections like X-XSS-Protection are disabled, and HSTS is not fully configured. The site uses multiple external tracking and advertising services, leading to extensive user tracking without visible privacy or cookie policies, indicating poor privacy compliance. Overall, the website demonstrates moderate business credibility but suffers from significant security and privacy shortcomings. Strategic improvements in SSL/TLS configuration, privacy policy implementation, and security header enhancements are essential to reduce risk and improve trustworthiness.

D

DS AUTOMOTION GmbH

ds-automotion.com

0

DS AUTOMOTION GmbH is a medium-sized Austrian company specializing in the development and manufacture of driverless transport systems and autonomous mobile robotics, with nearly 40 years of experience. The company operates internationally and is part of the SSI Schaefer Group, enhancing its market position. Their key offerings include automated guided vehicles (AGVs), autonomous mobile robots (AMRs), fleet management software (NAVIOS), and custom vehicle solutions tailored to various industries such as manufacturing and intralogistics. The website reflects a professional and modern digital presence built on TYPO3 CMS, featuring responsive design and good SEO practices. However, the absence of a valid SSL certificate and HTTPS implementation significantly undermines the site's security posture.

D

Deutsche Lufthansa AG

ltt.aero

0

Lufthansa Technical Training (LTT) is a well-established aviation technical training provider affiliated with Deutsche Lufthansa AG. The company offers a broad range of training services including vocational, basic, and type training for aviation professionals worldwide. Their business model targets both individual trainees and corporate clients, leveraging customized training solutions to meet specific needs. The website reflects a professional and consistent brand image with comprehensive content and strong trust indicators such as EASA certification and Lufthansa Group affiliation. Technically, the site is built on the Scrivito CMS platform and hosted on Amazon S3 with CloudFront CDN, but suffers from a critical lack of HTTPS due to an invalid or missing SSL certificate, which severely impacts security posture. Privacy and cookie policies are well implemented and GDPR compliant, with moderate user tracking via Google Analytics and marketing tools like Intercom and Usercentrics. Overall, the website provides a good user experience and clear navigation but requires urgent security improvements to enable HTTPS and strengthen SSL/TLS configurations.

KTM Sportmotorcycle GmbH operates a professionally designed and content-rich website targeting motorcycle enthusiasts primarily in Finland and Europe. The company is a leading European manufacturer of high-performance street and offroad motorcycles, supported by a large-scale business model including sales, parts, accessories, and motorsport activities. The website leverages modern technologies such as Adobe Experience Manager, Scene7 Dynamic Media, and Google Tag Manager, indicating a mature digital infrastructure. However, a critical security weakness is present due to an invalid SSL certificate and lack of TLS protocol support, which undermines secure communications. Privacy and cookie policies are well implemented and GDPR compliant, supporting good privacy practices. Overall, the website is trustworthy and professional but requires urgent security improvements to protect user data and maintain trust.

QCM Holding is a Swiss-based aviation competence center specializing in regulatory and Part-147 training, design approvals, aircraft technical management, and consulting services. With over 25 years of industry presence and recent ownership transition, QCM maintains a strong market position serving aviation professionals and organizations. The website reflects a professional and comprehensive service offering with clear navigation and relevant content. Technically, the site is built on WordPress with WooCommerce and uses modern plugins and analytics tools, but lacks a valid SSL certificate, which significantly impacts its security posture. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the business demonstrates credibility and trustworthiness, though the security weaknesses present a risk that should be addressed promptly.

E

Exmanco

exmanco.com

0

Exmanco is a regional Austrian automotive service provider and retailer specializing in tires, rims, auto parts, and vehicle maintenance services. Operating multiple branches in Austria, the company targets vehicle owners seeking professional and affordable automotive repair and parts. The website is built on WordPress with WooCommerce and uses the Enfold theme, indicating a moderate level of digital maturity. However, the absence of a valid SSL certificate and HTTPS support represents a significant security risk. The site includes cookie consent mechanisms and structured data for SEO but lacks comprehensive privacy and security policies. Contact information and physical addresses are clearly provided, supporting business credibility.

A

AASupplies e.U

aa-supplies.eu

0

AASupplies e.U is a Vienna-based company specializing in the sale and logistics of premium used warehousing equipment, forklifts, generators, and material handling machinery. The company targets businesses primarily in Europe and the Middle East, offering access to a large inventory and comprehensive transport services. Their multilingual team and European supplier network position them as a reliable B2B provider in the transportation sector. Technically, the website is built on WordPress with modern plugins such as WooCommerce, Elementor, and Gravity Forms, but lacks a valid SSL certificate, which is a critical security gap. The site includes GDPR-compliant cookie consent and privacy policies, reflecting good privacy practices. However, the absence of HTTPS and some security headers reduces the overall security posture. The business information is transparent and consistent with WHOIS data, enhancing credibility. Strategic improvements in SSL deployment and security policy publication are recommended to strengthen trust and compliance.