Security Directory

S

Samsung SDI Battery Systems GmbH

samsungsdibs.at

0

Samsung SDI Battery Systems GmbH is a medium-sized company specializing in the development, testing, and industrialization of advanced lithium-ion battery systems for electric and hybrid vehicles. Located in Kalsdorf near Graz, Austria, the company is part of the Samsung SDI family and holds multiple ISO certifications demonstrating a strong commitment to quality, environmental management, information security, and cybersecurity. The website presents a professional and content-rich digital presence targeting automotive OEMs and stakeholders in the e-mobility sector. Technically, the site is built on WordPress with Elementor and uses Matomo for analytics, but lacks HTTPS, which is a critical security shortfall. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the company shows a strong market position in energy and transportation sectors with a focus on sustainability and innovation.

Primetals Technologies is a global leader in metallurgical plant solutions, offering a comprehensive portfolio of services and technologies across the steel production value chain. Their website reflects a mature enterprise-level business with a strong focus on innovation, digitalization, and sustainability, including green steel initiatives. The company targets industrial clients and professionals in the steel and metallurgical sectors, providing automation, lifecycle services, and integrated plant solutions. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries and includes multilingual support and professional design. However, the absence of a valid SSL/TLS certificate and HTTPS support is a critical security gap that undermines data protection and user trust. Security headers are well implemented, but the lack of encryption and modern TLS protocols significantly lowers the security posture. Privacy compliance is well addressed with Cookiebot and Google Consent Mode integration, ensuring GDPR alignment. Overall, the site demonstrates high business credibility and professionalism but requires urgent security improvements to meet modern standards.

J

JUDO.eu

judo.eu

0

JUDO.eu is a well-established German company specializing in water treatment solutions, with a history dating back to 1936. The company offers a broad range of products including protective filters, softening systems, lime protection, dosing pumps, leakage protection, wellness, heating protection, and smart home water solutions. Their market position is strong with a focus on innovation and sustainability, targeting both professional and consumer markets internationally. Technically, the website is built on WordPress with a modern tech stack including jQuery, Bootstrap, and various plugins for SEO, cookie management, and user interaction. However, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical security weakness. Privacy compliance is well addressed with comprehensive policies and cookie consent mechanisms. Overall, the website is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

S

Security Company - Leading Security Solutions - Lodge Service

lodgeservice.com

0

Security assessment completed with an overall score of 0/100 (unknown risk). 3 critical issues require immediate attention. Total of 29 security findings identified across all modules.

Silhouette International Schmied AG is a well-established manufacturer and market leader specializing in premium rimless eyewear. The company targets consumers and businesses seeking high-quality, innovative eyewear products. Their website reflects a professional brand image with consistent messaging and clear business focus. Technically, the website is built on modern technologies including Storyblok CMS and Vue.js, with content delivery optimized via Amazon CloudFront. However, the website lacks a valid SSL certificate and does not support HTTPS, which significantly undermines its security posture. Security headers are partially implemented but cannot compensate for the absence of proper encryption. Privacy and cookie policies are missing, indicating compliance gaps with GDPR and related regulations. Overall, the website demonstrates moderate digital maturity but requires urgent security improvements to protect user data and enhance trust.

A

Alicona Imaging GmbH

alicona.com

0

Alicona Imaging GmbH operates as a global provider of optical 3D metrology and surface roughness measurement solutions, specializing in non-contact measurement technologies based on Focus-Variation. The company targets manufacturing sectors such as automotive, aerospace, medical technology, and precision manufacturing, offering devices and automation solutions to enhance quality assurance and production measurement. The website reflects a mature digital presence with professional design, comprehensive content, and active engagement through blogs and events. However, the absence of a valid SSL certificate and HTTPS implementation represents a critical security vulnerability that undermines user trust and data protection. The technical infrastructure leverages modern frameworks and CMS platforms, but performance issues such as slow load times need addressing. Privacy compliance is well managed with cookie consent mechanisms and clear privacy policies. Overall, Alicona demonstrates strong business credibility but must urgently improve its security posture to align with best practices and regulatory requirements.

objectflor Art und Design Belags GmbH is a medium-sized German company specializing in high-quality, innovative, and elastic flooring solutions, primarily vinyl and rubber floors. As a subsidiary of James Halstead plc, it serves 16 countries in Central Europe and holds a leading market position in the flooring industry. The company offers a broad product portfolio, including design floors, technical vinyl, and rubber flooring, complemented by services such as design studios, training seminars, and a partner network. The website is professionally designed, content-rich, and targets both B2B and B2C customers seeking sustainable and functional flooring solutions. Technically, the site runs on TYPO3 CMS with integrations for consent management and analytics, but suffers from critical security shortcomings due to the absence of a valid SSL certificate and modern TLS protocols. This significantly impacts the security posture and overall trustworthiness of the site. Privacy compliance is well addressed with GDPR-consistent policies and consent mechanisms. Business credibility is strong, supported by certifications and transparent contact options. Strategic improvements in SSL deployment and security headers are essential to enhance user trust and protect data integrity.

Ö

ÖAR GmbH

oear.at

0

ÖAR GmbH is a consulting company specializing in regional development, organizational cooperation, and evaluation services primarily targeting organizations, communities, and regions. The company positions itself as a professional and experienced niche player with international reach, supported by a well-structured and content-rich website. Technically, the site is built on WordPress with common plugins and libraries, but suffers from a lack of HTTPS and valid SSL certificate, which significantly impacts its security posture. Privacy and legal compliance are well addressed with clear policies and contact information. Overall, the website is professional and trustworthy but requires urgent improvements in security to protect user data and enhance trust.

H

Heller Consulting

teamheller.com

0

Heller Consulting is a mature and reputable technology consulting firm specializing in nonprofit and higher education sectors. They provide tailored technology strategies and implementations focusing on platforms such as Salesforce, Microsoft, and Blackbaud. The company has a strong market position supported by client testimonials, certifications like Certified B Corporation, and partnerships with major technology providers. Technically, the website is built on WordPress with modern plugins and SEO tools, offering good mobile optimization and accessibility. However, the absence of HTTPS is a critical security gap, exposing users to potential risks. Privacy compliance is partial, with a privacy policy present but lacking cookie consent mechanisms. Overall, the business credibility is high, but security posture needs urgent improvement to protect user data and enhance trust.

K

Kaleidoscope GmbH

kaleidoscope.at

0

Kaleidoscope GmbH is a medium-sized technology company specializing in terminology management, quality management, translation, and documentation services. They provide a comprehensive suite of software and consulting services aimed at enabling businesses to communicate content globally in a consistent and efficient manner. Their market position is supported by long-standing client relationships and partnerships with technology providers such as Eurocom, Congram, and Greatcontent. The website is professionally designed, content-rich, and optimized for SEO, targeting companies seeking global content solutions. Technically, the site is built on WordPress with modern plugins and themes but lacks a valid SSL certificate, which is a significant security concern. The security posture is basic with several missing best practices, including HTTPS and TLS support. Privacy compliance is well addressed with cookie consent and privacy policies in place. Overall, the site is trustworthy but requires urgent security improvements.

The website bluedanuberobotics.com is currently inaccessible due to a DNS resolution error as indicated by the Cloudflare error page. This prevents access to any meaningful business content or contact information. The site lacks a valid SSL certificate and does not support HTTPS, which is a critical security deficiency. The technical infrastructure relies on Cloudflare for DNS and hosting services, but the current misconfiguration or propagation delay is causing the site to be unreachable. Security headers are partially implemented but insufficient to ensure robust security. No privacy, cookie, or terms of service policies are present, indicating poor compliance posture. Overall, the site is not operational and presents significant risks and trust issues.

The website brf-global.com is currently inaccessible due to a Web Application Firewall (WAF) protection by Incapsula, which blocks all content and prevents any meaningful analysis of the site's business or security posture. The domain is mature, registered since 2014, and uses Azure DNS and Microsoft Outlook for mail services, indicating a legitimate registration and hosting setup. However, the absence of an active SSL certificate and the lack of accessible content severely limit the ability to assess the company's business model, services, or compliance with privacy regulations. The security posture is weak due to missing HTTPS and security headers, and no privacy or cookie policies are detectable. Overall, the site appears to be protected by strong domain registration controls but lacks visible digital maturity and security best practices on the web front.

I

ING

ing.at

0

The website ing.at serves as an informational landing page announcing the transfer of ING Austria's private banking business to bank99 AG as of November 30, 2021. It provides contact information for former customers and legal representatives handling specific cases. The site is primarily targeted at former ING Austria private banking customers and does not offer active banking services. Technically, the site uses modern web technologies including Lit for UI components, service workers for offline capabilities, and integrates third-party services such as Usercentrics for cookie consent and Webtrekk for analytics. However, the SSL configuration is critically flawed with no valid certificate and no TLS protocols enabled, severely impacting security posture. Security headers are well implemented but undermined by the lack of proper SSL. The domain registration and DNS records are consistent with a legitimate banking entity, and the site includes standard privacy and cookie policies compliant with GDPR. Overall, the site is professional and trustworthy in content but requires urgent remediation of SSL issues to ensure secure user access.

The website for t-systems.at is currently inaccessible, returning a 403 Forbidden error with minimal HTML content, indicating that access is blocked or restricted. The domain is registered and maintained by a reputable telecommunications entity associated with Telekom, as evidenced by DNS and WHOIS data. However, the lack of SSL/TLS encryption and absence of any visible website content or metadata severely limits the ability to assess the company's digital presence and user engagement. The technical infrastructure shows hosting behind an AWS Elastic Load Balancer but without proper HTTPS configuration, which is a critical security gap. Security posture is weak due to missing HTTPS, lack of security headers, and no advanced protections such as HSTS or OCSP stapling. Overall, the site is not currently usable for public interaction or business communication, and the security risks are significant due to the absence of encryption and content access restrictions.

F

Flint Group

flintgrp.com

0

Flint Group is a global enterprise specializing in manufacturing print consumables for the packaging and printing industries. The company emphasizes sustainable innovation, customer support, and ethical business practices, positioning itself as a global leader in its sector. The website reflects a professional and comprehensive digital presence with extensive content, clear navigation, and a focus on sustainability and corporate responsibility. Technically, the site uses modern analytics and tracking tools but lacks HTTPS support due to an invalid or missing SSL certificate, which is a significant security concern. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. Overall, Flint Group demonstrates strong business credibility but must address its SSL/TLS configuration to improve security posture and user trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 10 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

A

Active Solution Sverige AB

activesolution.se

0

Active Solution Sverige AB is a well-established Swedish technology consulting company founded in 1998, specializing in system development, cloud-based solutions, artificial intelligence, and digital transformation. The company holds recognized Microsoft Solutions Partner Designations and a specialization in building and modernizing AI applications with Microsoft Azure, indicating strong technical expertise and market positioning. Their website reflects a professional and content-rich presence, targeting businesses seeking innovative digital solutions and cloud transformation services. Technically, the site is built on Squarespace with integrations of HubSpot and Google Tag Manager for marketing and analytics, but suffers from a critical security issue due to the absence of a valid SSL certificate and HTTPS support. This significantly impacts the security posture and user trust. While cookie consent mechanisms are implemented, the absence of privacy and terms of service policies indicates incomplete privacy compliance. Overall, the business appears credible and mature, but immediate attention is needed to secure the website with proper SSL/TLS configuration to protect visitors and maintain trust.

The website quorumconsulting.com currently serves only a minimal HTML page containing a JavaScript redirect to /lander, with no additional content, metadata, or business information. The domain is registered and active with GoDaddy nameservers but lacks a valid SSL certificate, resulting in no HTTPS support. This severely limits the site's security posture and trustworthiness. No privacy, cookie, or terms of service policies are present, and no contact or social media information is available. Overall, the site appears to be either under development or a placeholder with no meaningful public-facing content.

P

PARTNER Consulting+Projects GmbH

partner-cp.com

0

PARTNER Consulting+Projects GmbH is a specialized consulting and project realization company serving cultural institutions and museums primarily in Austria and beyond. With over 30 years of experience, the company offers comprehensive services including consulting, project management, sustainability solutions, and interim management. Their market position is well-established with a strong portfolio of projects and partnerships. Technically, the website is built on WordPress with modern plugins and hosted on WP Engine with Cloudflare CDN, reflecting a mature digital infrastructure. However, the lack of a valid SSL certificate and disabled TLS protocols represent significant security weaknesses. Privacy compliance is well addressed with GDPR-aligned cookie consent and privacy policies. Overall, the business demonstrates professionalism and trustworthiness but must urgently address its SSL/TLS security to protect user data and improve trust.

The website boutique1.com currently serves minimal content, appearing as a placeholder or parking page with no visible business or contact information. The domain is mature, registered since 2007 with GoDaddy.com, LLC, and shows strong domain protection and low expiry risk. However, the lack of a valid SSL certificate and absence of privacy or cookie policies indicate a low security and compliance posture. The technical infrastructure includes JavaScript and hosting on Amazon AWS, but performance is slow and SEO optimization is poor. Security best practices are not implemented, and no forms or user data collection mechanisms are present. Overall, the site lacks professionalism and trust indicators, resulting in a low AI score and high risk for user trust and compliance.

A

Axians ICT Austria GmbH

axians.at

0

Axians ICT Austria GmbH is a well-established IT service provider in Austria, offering a broad range of IT solutions including cloud services, cyber security, enterprise networks, and SAP consulting. The company targets business customers across various industries and emphasizes a human-centric approach to technology. Technically, the website is built on WordPress with modern libraries and integrates analytics and marketing tools such as Matomo and HubSpot. However, the site suffers from a critical security issue due to the absence of a valid SSL certificate and lack of HTTPS support, which significantly impacts its security posture. Privacy compliance is strong, with comprehensive policies and consent mechanisms in place. Overall, the website is professional and trustworthy but requires urgent improvements in its SSL/TLS configuration to enhance security and user trust.

The website cddiputados.gob.mx serves as a minimal redirect page to https://congresoedomex.gob.mx, indicating it is an official government domain related to the legislative body of the State of Mexico. The site lacks substantive content, policies, or contact information, reflecting a very basic web presence. Technically, the site is served by Apache over HTTP without SSL/TLS encryption, which is a significant security shortfall for any modern website, including government domains. The absence of security headers, DNSSEC, and other best practices further weakens its security posture. From a business perspective, the domain is consistent with government registration norms and appears legitimate, but the digital maturity is low. Overall, the site presents a low-risk profile due to its minimal functionality but requires urgent improvements in security and compliance to meet modern standards.

B

BioEnergy Consult

bioenergyconsult.com

0

BioEnergy Consult is a specialized advisory and consulting organization focusing on biomass energy, waste-to-energy, and waste management sectors. The website serves as a rich knowledge base with extensive articles targeting professionals and organizations interested in renewable energy and environmental sustainability. The technical infrastructure is based on WordPress with common plugins for SEO and analytics, but lacks HTTPS security, which is a critical vulnerability. The site has implemented privacy and cookie policies with consent mechanisms, but lacks explicit terms of service and security policies. Overall, the site is content-rich and professionally presented but requires significant security improvements to protect users and enhance trust.

R

Rosendahl Nextrom GmbH

rosendahlnextrom.com

0

Rosendahl Nextrom GmbH is a well-established global leader in production technologies serving the battery, cable & wire, and optical fiber industries. The company offers sophisticated manufacturing equipment and tailor-made solutions, targeting industrial manufacturers worldwide. The website reflects a mature business with a professional digital presence, including multi-language support and structured data for SEO. Technically, the site uses WordPress with Elementor and performance optimizations like WP Rocket, hosted behind Cloudflare CDN. However, a critical security gap exists as the site lacks HTTPS/SSL encryption, exposing users to potential risks. Privacy compliance is addressed with a privacy policy and cookie consent via Cookiebot. Business credibility is strong with clear contact forms and parent company affiliation to KNILL Gruppe. Overall, the site is content-rich and professionally maintained but requires urgent security improvements.

R

recomresearch.com

recomresearch.com

0

The website recomresearch.com is a mature domain registered since 1999 but currently serves as a parked domain with minimal content focused on advertising and related search results. There is no clear business description, contact information, or services offered, indicating it is not an active commercial site. The technical infrastructure relies on Bodis domain parking and Google advertising scripts, with no CMS or modern web frameworks detected. Performance is poor with a high load time, and mobile optimization is basic. Security posture is weak due to the absence of HTTPS, security headers, and DNSSEC, exposing the site to potential risks. Privacy compliance is minimal, lacking cookie consent mechanisms despite ad scripts. Overall, the site has low trustworthiness and business credibility, primarily serving as a monetized placeholder domain.

M

mehrwert.life

ihrmehrwert.at

0

The website ihrmehrwert.at represents a small Austrian consulting and coaching business focused on personal and business transformation for entrepreneurs. The company offers services to help clients develop new behaviors for improved life quality, operational stability, and business model innovation. The site is professionally designed with consistent branding and includes customer testimonials and LinkedIn profiles to build trust. Technically, the site uses the WebPlatform CMS hosted on Amazon AWS, with integrations such as Google Calendar and Google reCAPTCHA. However, the site lacks a valid SSL/TLS certificate and does not serve content over HTTPS, which is a critical security shortfall. Security headers are minimal, and no incident response or security policies are published. Privacy and cookie policies exist but are hosted externally on Google Drive, with a cookie consent mechanism implemented. Overall, the site is functional and informative but requires urgent security improvements to protect user data and enhance trust.

D

DDB Worldwide

tribalworldwide.com

0

DDB Worldwide is a highly ranked global advertising agency specializing in creative advertising and marketing services. The company operates an enterprise-level website built on WordPress, hosted on WP Engine and served via Cloudflare CDN, leveraging modern web technologies such as jQuery, Axios, and ReactPress. The website features professional design, clear navigation, and comprehensive privacy and cookie policies, indicating a mature digital presence. However, the absence of a valid SSL certificate significantly undermines the site's security posture, exposing users to potential risks and reducing trust. Security headers are well configured but cannot compensate for the lack of HTTPS. Contact information is limited to email addresses without phone numbers or physical addresses, and no explicit security or incident response policies are published. Overall, the site demonstrates good business credibility and privacy compliance but requires urgent security improvements.

PSI Software SE operates the website psimetals.com, providing specialized production management software solutions for the metals industry, including steel, aluminum, and copper manufacturing. Their flagship product, PSImetals, integrates SCM, APS, and MES functionalities to optimize production and logistics, with a strong emphasis on sustainability and decarbonization. The company targets industrial manufacturers seeking to improve operational efficiency and meet environmental standards. The website demonstrates a mature digital presence with comprehensive content, case studies, and customer references, reflecting a well-established market position. Technically, the site is built on TYPO3 CMS and leverages modern JavaScript libraries such as Vue.js, Axios, and Parsley.js for enhanced user experience and form validation. However, performance metrics are lacking, and the SSL/TLS configuration is critically deficient, with no valid certificate and no TLS protocols enabled, severely impacting security posture. The site includes privacy and cookie policies compliant with GDPR, and uses Google Analytics and Tag Manager for user tracking at a moderate level. Security-wise, while several security headers are implemented, the absence of a valid SSL certificate and HTTPS enforcement is a major vulnerability. DNS security features like DNSSEC and CAA are not enabled, and domain protection locks are missing, which could expose the domain to hijacking risks. No explicit incident response or security policy information is available on the site. Overall, the website is professional and content-rich but requires urgent security improvements to protect user data and maintain trust. Strategic recommendations include obtaining a valid SSL certificate, enabling modern TLS protocols, enhancing DNS security, and publishing clear security and incident response policies.

D

Die Presse Verlags-Gesellschaft m.b.H. & Co KG

diepresse.com

0

Die Presse is a prominent Austrian media company operating a comprehensive online news portal offering premium journalism, podcasts, videos, and newsletters targeting German-speaking audiences primarily in Austria. The website demonstrates a mature digital infrastructure leveraging modern JavaScript frameworks (Vue.js), advanced consent management (Didomi), and multiple advertising and analytics platforms. However, the security posture is notably weak due to the absence of a valid SSL certificate and disabled TLS protocols, exposing users to potential risks. Privacy compliance is robust with clear policies and consent mechanisms in place. Overall, the site is professionally designed and content-rich but requires urgent security improvements to protect user data and maintain trust.

Condor is a well-established airline focused on providing affordable flights primarily between the USA, Canada, and Europe. The website offers comprehensive flight booking services, flexible fare options, and travel extras such as seat reservations and baggage management. The company targets travelers seeking convenient and cost-effective air travel solutions. Technically, the website is built on TYPO3 CMS and leverages Akamai CDN for content delivery, with modern JavaScript frameworks and cookie consent managed by Usercentrics, indicating a mature digital infrastructure. However, a critical security gap exists due to the absence of a valid SSL certificate and lack of HTTPS support, which severely impacts the security posture and user trust. Privacy compliance is well addressed with GDPR-consistent cookie consent mechanisms and clear privacy policies. Overall, the website is professional and user-friendly but requires urgent security improvements to protect user data and ensure secure transactions.

D

Design Storz GmbH

designstorz.com

0

Design Storz GmbH is a small, established Austrian design studio with over 38 years of experience specializing in automotive, product, graphic design, branding, and design strategy. The company serves international clients including major automotive brands and consumer product companies. The website is built on WordPress using popular plugins and page builders, presenting professional content and clear navigation primarily in German. However, the technical infrastructure lacks a valid SSL certificate and modern TLS protocols, exposing the site to security risks. Privacy and cookie policies are present and indicate GDPR compliance, but no explicit security or incident response policies are found. Overall, the business credibility is moderate, supported by consistent WHOIS data and a clear contact presence. The security posture is weak due to missing HTTPS and security headers, which should be addressed urgently to protect user data and improve trust.

Ing. Michael Josef EDER operates a small, specialized Baumeister (master builder) business based in Hallein, Austria, offering comprehensive construction planning, execution, management, and consultancy services primarily for private residential, commercial, and industrial clients. The company has an established local presence since 1995 and demonstrates professionalism through certifications and clear contact information. Technically, the website is built on WordPress with Elementor and Yoast SEO, showing good SEO and mobile optimization but suffers from critical security shortcomings due to the absence of a valid SSL certificate and modern TLS protocols. The security posture is weak, lacking essential HTTPS encryption and advanced security headers, which poses risks to user data and trust. Privacy compliance is adequate with a cookie consent mechanism and a privacy policy page, but no incident response or security policy information is provided. Overall, the website is functional and professional but requires urgent security improvements to protect visitors and enhance trust.

C

Comprehensive Nuclear-Test-Ban Treaty Organization

ctbto.org

0

The Comprehensive Nuclear-Test-Ban Treaty Organization (CTBTO) operates as an international governmental entity dedicated to monitoring and enforcing the ban on nuclear tests globally. The organization provides key services including verification regimes, international monitoring systems, data analysis, and on-site inspections, targeting member states, researchers, civil society, and media. The website reflects a professional and authoritative presence consistent with its mission and audience. Technically, the site is built on Drupal 10 with modern frameworks and is hosted behind Cloudflare, leveraging Google Analytics and other monitoring tools. The site is mobile-optimized and well-structured, though performance metrics are unavailable. Security headers are implemented, but a critical issue is the absence of a valid SSL certificate and disabled TLS protocols, which significantly impacts the security posture. Security-wise, while the organization employs good header policies and content security policies, the lack of HTTPS and proper TLS support is a major vulnerability. No incident response or security policy pages were found, and cookie consent mechanisms are missing despite tracking usage. DNS records show malformed CAA entries and no DNSSEC, which could be improved. Overall, the site is trustworthy and professional but requires urgent remediation of SSL/TLS issues and enhancement of privacy compliance mechanisms to improve security and user trust.

T

TTX

ttx.com

0

TTX is a well-established transportation company specializing in railcar pooling and maintenance services across North America. Founded in 1955, it operates a large fleet and extensive maintenance network, serving the rail industry with innovative logistics solutions. The website reflects a mature business with comprehensive service offerings and a clear market position. Technically, the site is built on WordPress with modern libraries and integrates Google Maps and analytics, but suffers from an invalid SSL certificate and lack of HTTPS enforcement, which impacts security posture. Security headers are present, but critical SSL/TLS configurations are missing, exposing the site to potential risks. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site is professional and trustworthy but requires urgent SSL and security improvements to meet modern standards.

S

Sony DADC Europe GmbH

sonydadc.com

0

Sony DADC Europe GmbH operates a professional and comprehensive website presenting itself as a leading end-to-end supply chain and manufacturing service provider primarily serving the entertainment industry. The company offers a broad range of services including micro optics, manufacturing, assembly and packaging, logistics, and global business services. The website is well-structured, professionally designed, and targets B2B clients requiring specialized supply chain solutions. Technically, the site is built on WordPress with common libraries such as jQuery and Swiper.js, and includes SEO optimizations and accessibility features. However, a critical security weakness is the lack of a valid SSL certificate and proper HTTPS configuration, which severely impacts the security posture and user trust. Privacy and cookie policies are comprehensive and GDPR compliant, but no incident response or vulnerability disclosure information is provided. Overall, the site is credible and trustworthy but requires urgent security improvements to protect user data and ensure secure communications.

D

dsm-firmenich

dsm.com

0

dsm-firmenich is a global enterprise combining expertise in health, nutrition, bioscience, and fragrance industries with a strong heritage of over 150 years. The company operates multiple business units serving B2B clients worldwide, with a significant workforce and substantial revenue. The website reflects a mature digital presence built on Adobe Experience Manager, integrating advanced marketing and analytics tools. However, the security posture is weakened by an invalid SSL certificate and lack of TLS support, which poses risks to user trust and data security. Privacy and cookie policies are well implemented, supporting GDPR compliance. Overall, the site is professional and trustworthy but requires urgent remediation of SSL issues to improve security and user confidence.

S

Stieglbrauerei zu Salzburg GmbH

stiegl.at

0

Stiegl Privatbrauerei is Austria's leading private brewery with a rich heritage dating back to 1492. The company offers a broad portfolio of beer specialties, operates an online shop, and provides B2B distribution and technical services. The website reflects a mature digital presence with professional design, comprehensive content, and active marketing integrations. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap that undermines user trust and data protection. The site implements GDPR-compliant privacy and cookie policies with consent mechanisms, indicating good privacy awareness. Overall, the business is well-established and credible, but urgent improvements in security infrastructure are recommended.

P

Peek & Cloppenburg B.V. & Co. KG

peek-cloppenburg.com

0

Peek & Cloppenburg B.V. & Co. KG is a well-established European fashion retailer with a strong presence in physical stores and online platforms. The company offers a curated selection of international and exclusive brands, targeting fashion-conscious consumers across multiple countries. Their business model focuses on multi-brand retailing with a significant footprint in Europe, supported by a comprehensive loyalty program and customer service infrastructure. Technically, the website is built on modern frameworks like Next.js and Magnolia CMS, leveraging Cloudflare for hosting and CDN services. The site is well-optimized for mobile and SEO, with good accessibility features. However, the security posture is weakened by an invalid SSL certificate and lack of enabled TLS protocols, which critically impacts secure communications and user trust. Privacy compliance is robust, with clear policies and consent mechanisms implemented. Overall, the site is professional and trustworthy but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

A

Addiko Bank AG

addiko.com

0

Addiko Bank AG operates as a regional digital bank serving multiple European countries with a focus on online banking products such as savings accounts and loans. The website reflects a professional and consistent brand presence with clear navigation and relevant content targeting retail and corporate banking customers. Technically, the site is built on WordPress with modern plugins and integrates multiple analytics and marketing tools. However, the security posture is weakened by the absence of a valid SSL certificate and lack of modern TLS protocol support, which is critical for a financial institution. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, while the business and technical aspects are solid, the security deficiencies pose a significant risk that must be remediated promptly.

Scheidt & Bachmann GmbH is a globally recognized provider of innovative system solutions in the transportation and energy retail sectors. Their offerings include parking management, rail signalling, fare collection systems, and energy retail solutions, serving a broad range of mobility providers worldwide. The company positions itself as a market leader with a strong focus on integrated modular solutions and sustainability. Technically, the website is built on TYPO3 CMS with a professional design and good navigation, but suffers from slow load times and lacks a valid SSL certificate, which critically impacts security. Privacy compliance is well addressed with comprehensive policies and consent mechanisms. Overall, while the business credibility and content quality are strong, the security posture requires urgent improvement to protect user data and enhance trust.

G

GrECo

greco.services

0

GrECo is a well-established insurance and risk management specialist with a strong presence in Central and Eastern Europe, operating since 1925. The company offers a broad range of services including risk consulting, cyber insurance, health and benefits, and international insurance programs. The website reflects a mature digital presence with professional design, multilingual support, and structured data for SEO. However, the technical infrastructure shows critical security weaknesses, notably the absence of a valid SSL certificate and lack of HTTPS support, which undermines user trust and data security. Privacy policies are present and GDPR compliant, but cookie consent mechanisms are minimal. Overall, the site is content-rich and credible but requires urgent security improvements to align with best practices.

L

Lexogen GmbH

lexogen.com

0

Lexogen GmbH is a specialized biotechnology company based in Vienna, Austria, focused on next generation sequencing (NGS) and transcriptomics solutions. The company offers a comprehensive portfolio of RNA analysis products, including RNA-Seq sample preparation kits, RNA spike-in controls, and bioinformatics data analysis services. Their target audience includes researchers, pharmaceutical companies, and academic institutions seeking innovative RNA sequencing and analysis solutions. Lexogen positions itself as a niche leader with ISO 9001 and ISO 13485 certifications, underscoring its commitment to quality and regulatory compliance. Technically, the website is built on WordPress using Elementor and WooCommerce, hosted on Cloudpit infrastructure. The site integrates modern web technologies such as Google Tag Manager and reCAPTCHA for analytics and security. While the site is mobile optimized and SEO friendly with good content quality and navigation, performance metrics are unavailable. The absence of a valid SSL/TLS certificate is a critical security gap, exposing users to insecure HTTP connections. From a security perspective, the site lacks HTTPS, HSTS, and other essential security headers, resulting in a low security posture score. No explicit security or incident response policies are published. Privacy compliance is strong, with a comprehensive privacy policy and cookie consent mechanism aligned with GDPR requirements. Contact information is detailed and trustworthy, including multiple phone numbers, emails, and physical addresses in Austria and the USA. Overall, Lexogen's website demonstrates strong business credibility and content quality but suffers from a critical security deficiency due to missing HTTPS. Strategic improvements in SSL implementation and security headers are essential to enhance user trust and data protection. The company’s digital maturity is moderate, with opportunities to improve technical infrastructure and security practices to better support its specialized biotech market presence.

C

C-TEC

c-tec.co.uk

0

The website c-tec.co.uk serves primarily as a minimal landing page that redirects visitors to the main corporate website c-tec.com. It lacks substantive content about the business, its services, or contact information. The site is built on WordPress using the Divi theme and includes jQuery libraries. However, it suffers from significant security and compliance shortcomings, including the absence of an SSL certificate, no privacy or cookie policies, and no visible contact or security incident response information. Performance is slow, and SEO and accessibility features are minimal. Overall, the site appears to be a placeholder rather than a fully developed business portal. From a technical perspective, the site is hosted on Google Cloud infrastructure and uses standard WordPress technologies. The lack of HTTPS and security headers exposes it to potential risks and undermines user trust. No analytics or tracking tools are detected, indicating minimal user data collection. The DNS configuration is standard but lacks advanced security features like DNSSEC or DMARC. Security posture is weak due to missing HTTPS, lack of security headers, and no visible security or incident response policies. The absence of privacy and cookie policies also indicates non-compliance with GDPR and related regulations. No vulnerability disclosure or security.txt files are present to guide security researchers. The domain registration data is consistent with the UK presence and business identity, supporting legitimacy, but the website itself lacks professionalism and trust signals. Strategically, the site should prioritize implementing HTTPS, adding comprehensive privacy and cookie policies, and providing clear contact and security incident response information. Improving site performance, SEO, and accessibility would also enhance user experience and trust. These steps are critical to align the website with modern security and compliance standards and to support the business's digital credibility.

H

Handwerkskammer Aachen

hwk-aachen.de

0

Handwerkskammer Aachen is a regional chamber of crafts in Germany representing approximately 17,400 member businesses. The organization provides a broad range of services including vocational training, further education, consulting, business start-up support, and expert services. The website reflects a well-established institution with a strong market position in the education and government sectors, targeting apprentices, craftsmen, business founders, and companies within the Aachen region. The content is rich, professionally presented, and highly relevant to its audience. Technically, the site is built on the ODAV CMS platform, utilizing modern JavaScript libraries and frameworks, but suffers from poor SSL/TLS implementation, lacking a valid certificate and modern encryption protocols. This significantly impacts the security posture of the website. Privacy compliance is well addressed with clear cookie consent mechanisms and a comprehensive privacy policy. Contact information is complete and transparent, enhancing business credibility. Overall, the website is trustworthy and professional but requires urgent security improvements to protect user data and maintain trust.

M

MIC Datenverarbeitung GmbH

mic-cust.com

0

MIC Datenverarbeitung GmbH operates as a leading global provider of customs and trade compliance cloud software solutions, serving over 1000 customers across more than 55 countries. Their SaaS offerings focus on integrated customs compliance and trade compliance systems, supported by a consistent global service organization. The website reflects a mature digital presence built on TYPO3 CMS, with professional design, clear navigation, and extensive product and service information. However, the absence of a valid SSL certificate and HTTPS support is a critical security shortfall, exposing users to potential risks. Security headers are well implemented, but the lack of TLS and HSTS reduces overall security posture. Privacy compliance is addressed with a cookie consent mechanism and a comprehensive privacy policy, though explicit GDPR compliance indicators could be enhanced. Business credibility is strong, supported by consistent WHOIS data, partner logos, and social media presence. Strategic improvements in SSL deployment and security practices are recommended to elevate trust and compliance.

Ecolab Inc. is a global enterprise specializing in water, hygiene, and infection prevention solutions and services. The company serves a broad range of industries including manufacturing, healthcare, hospitality, food and beverage processing, and energy. With a strong market position as a leader in sustainability and operational efficiency, Ecolab offers science-based solutions and data-driven insights to help customers improve safety, reduce environmental impact, and optimize operations. The website reflects a mature digital presence with comprehensive content, clear navigation, and multi-channel contact options. Technically, the website is built on the Sitecore CMS platform, leveraging modern technologies such as Coveo for search, Google Tag Manager for analytics, and OneTrust for cookie consent management. The site is hosted via Akamai CDN and integrates multiple third-party marketing and analytics tools, indicating a sophisticated digital marketing strategy. Accessibility and SEO practices are well implemented, contributing to a positive user experience. From a security perspective, the site implements strong HTTP security headers and content security policies. However, a critical issue is the invalid or missing SSL certificate and lack of enabled TLS protocols, which significantly undermines the security posture. This gap exposes the site to risks and should be addressed promptly. Privacy compliance is robust, with clear privacy and cookie policies and consent mechanisms in place. Overall, Ecolab's website demonstrates high business credibility and professionalism but requires urgent remediation of SSL/TLS issues to ensure secure communications and maintain trust. Strategic recommendations include fixing the SSL certificate, enabling modern TLS protocols, enhancing HSTS policies, and continuing to maintain strong privacy and security practices.

B

Base-IT GmbH

baseit.at

0

Base-IT GmbH is an Austrian IT service provider specializing in consulting, planning, installation, and maintenance of IT systems, with a strong focus on cybersecurity and managed services for small and medium enterprises (KMU). The company holds recognized ISO/IEC 27001:2022 and ISO/IEC 27701:2019 certifications, underscoring its commitment to information security and data privacy. Their market position is supported by a portfolio of diverse IT services and a visible client base, including references and social media presence. Technically, the website is built on a SilverStripe CMS platform with modern JavaScript libraries such as jQuery, MDBootstrap, Owl Carousel, and Swiper. The hosting appears to be provided by Hetzner. While the site is mobile-optimized and well-structured with good SEO practices, performance data is lacking, and accessibility is basic. The site uses a cookie consent mechanism compliant with GDPR and integrates Google Analytics for performance and user tracking. From a security perspective, the absence of HTTPS and a valid SSL/TLS certificate is a critical vulnerability, severely impacting the overall security posture. Other security best practices such as HSTS, OCSP stapling, and security headers are missing. The company demonstrates good security governance through certifications but lacks visible incident response or vulnerability disclosure policies on the website. Overall, the website is professional and content-rich but requires urgent security improvements to enable HTTPS and enhance security headers. Strategic recommendations include implementing SSL/TLS, publishing incident response policies, and enhancing security controls to improve trust and compliance.

P

pcode

pcode.at

0

pcode is a small Austrian software agency specializing in the development and design of digital products, online shops, and custom software solutions. With approximately 8 years of experience, the company positions itself as a provider of human-centered digital experiences, emphasizing clean code, accessibility, and UX design. Their market presence is supported by client case studies and a professional online presence including social media channels. Technically, the website is built using modern technologies such as React, Nest.js, TypeScript, and Docker, hosted likely on AWS infrastructure, and developed with the Framer platform. However, a critical security weakness is the lack of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the security posture. Other security headers are present but insufficient to compensate for the missing encryption. Privacy compliance is basic, with a privacy policy found but no cookie consent mechanism or GDPR compliance indicators. Contact information is clearly provided via phone, address, and a contact form, enhancing business credibility. Overall, the website is professionally designed and functional but requires urgent security improvements to protect user data and build trust.

P

PHINIA Inc.

delphi.com

0

PHINIA Inc. is a mature, large-scale business specializing in premium fuel systems, electrical systems, and aftermarket automotive products with a strong emphasis on sustainability and innovation. The company positions itself as a market leader advancing clean transportation technologies and alternative fuels. The website reflects a professional and consistent brand image with comprehensive corporate governance and investor relations information. Technically, the site uses Sitefinity CMS, Cloudflare hosting, and integrates multiple marketing and analytics tools such as Google Analytics and HubSpot. However, the security posture is weakened by an invalid SSL certificate and lack of modern TLS support, which poses a critical risk to user trust and data security. Privacy compliance is well addressed with clear cookie and privacy policies and consent mechanisms. Overall, the site is content-rich and professionally maintained but requires urgent remediation of SSL/TLS issues to ensure secure communications.

C

Chemetall GmbH

chemetall.com

0

Chemetall GmbH is a well-established global leader in surface treatment chemical solutions, operating as a subsidiary of BASF. The company serves industrial clients across multiple sectors including aerospace, automotive, and manufacturing, providing advanced chemical technologies and laboratory services. The website reflects a professional and consistent brand presence with good content quality and clear navigation, targeting B2B industrial customers. Technically, the site uses legacy JavaScript libraries and lacks modern performance optimizations, with slow loading times and basic mobile responsiveness. Security posture is weak due to the absence of HTTPS and minimal security headers, exposing users to potential risks. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. WHOIS data confirms a mature and legitimate domain with consistent registration details. Overall, the site demonstrates solid business credibility but requires urgent improvements in security and privacy to meet modern standards.