Security Directory

The domain fmt.biz is registered to Christof Industries GmbH, an Austrian company with a mature domain age of 23 years. However, the website currently hosts only a default Plesk server placeholder page indicating no active web presence or business content. The technical infrastructure is minimal, running on an nginx server with no valid SSL certificate, resulting in no HTTPS support. Security headers are partially implemented but limited by the lack of HTTPS. There are no privacy, cookie, or terms of service policies, nor any contact information or forms on the site. DNSSEC and CAA records are not enabled, reducing domain security. Overall, the website lacks professional content, security maturity, and privacy compliance, resulting in a low trustworthiness score.

J

Jugend am Werk Steiermark GmbH

jaw.or.at

0

Jugend am Werk Steiermark GmbH is a leading non-profit organization in Austria's Steiermark region, providing a broad range of social services including support for people with disabilities, youth, families, and adults with mental health challenges. Their offerings encompass housing, employment, education, and community integration, positioning them as a key social service provider with a strong regional presence and multiple certifications and awards that underscore their credibility and commitment to quality. The website is built on TYPO3 CMS, hosted on a provider associated with the domain's DNS records, and employs modern web technologies such as Swiper.js and Matomo analytics. While the site is rich in content, well-structured, and accessible, it suffers from a critical security shortfall due to the absence of a valid SSL certificate and lack of HTTPS enforcement, which significantly impacts the security posture score. Privacy and cookie policies are comprehensive and GDPR compliant, with a clear consent mechanism in place. Contact information is prominently displayed and verified, enhancing business credibility. Overall, the site demonstrates strong business and content quality but requires urgent security improvements to protect user data and maintain trust.

KPMG Austria GmbH operates a comprehensive and professionally designed website representing its global network of audit, tax, advisory, and legal services. The website targets clients and potential clients primarily in Austria and German-speaking regions, offering detailed insights into their services, industries, and career opportunities. The technical infrastructure leverages Adobe Experience Manager CMS, modern JavaScript frameworks like Vue.js and React, and integrates marketing and analytics tools such as Adobe Analytics, Demandbase, Gigya, and OneTrust for privacy compliance. Despite a strong content and business presence, the website suffers from critical security shortcomings, notably an invalid SSL certificate and lack of TLS protocol support, which significantly impacts its security posture. Privacy and cookie policies are well implemented with consent mechanisms, aligning with GDPR requirements. Overall, the site demonstrates high professionalism and trustworthiness but requires urgent remediation of its SSL/TLS configuration to ensure secure user interactions.

A

AT&S Austria Technologie & Systemtechnik AG

ats.net

0

AT&S Austria Technologie & Systemtechnik AG is a globally recognized leader in high-end printed circuit boards and IC substrates, serving key industries such as aerospace, automotive, communication, and medical technology. The company demonstrates a strong market position with a comprehensive digital presence, including investor relations, career opportunities, and sustainability initiatives. Technically, the website is built on WordPress with modern tools and plugins, offering good SEO and accessibility, though performance is moderate. Security posture is weakened by the absence of a valid SSL/TLS certificate and disabled TLS protocols, which poses significant risks. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the business is credible and trustworthy, but urgent improvements in SSL/TLS configuration are recommended to enhance security and user trust.

V

Vossen

vossen.com

0

Vossen is a well-established European textile company specializing in high-quality towels, bathrobes, and bath mats, with a strong emphasis on sustainability and color variety. The website is a professionally designed e-commerce platform built on Shopify, featuring comprehensive product offerings, customer reviews, and multilingual support. The technical infrastructure leverages modern web technologies and integrates multiple third-party apps for enhanced functionality. However, the security posture is weakened by the absence of a valid SSL certificate and lack of TLS protocol support, which are critical for secure online transactions and user trust. Privacy compliance is well addressed with visible policies and consent mechanisms. Overall, the site presents a credible and professional business presence but requires urgent security improvements to ensure safe user interactions.

S

Software Daten Service Gesellschaft m.b.H.

sds.at

0

Software Daten Service Gesellschaft m.b.H. (SDS) is a medium-sized Austrian company specializing in software and services for the international financial industry, with additional focus on telecommunications and digital entertainment sectors. The company offers a comprehensive portfolio including securities processing, regulatory reporting, compliance, consulting, managed services, and professional testing. SDS benefits from a strong market position supported by its 50 years of history and affiliation with the Deutsche Telekom Group. The website reflects a professional and consistent brand image targeting financial institutions and related industries globally. Technically, the site is built on WordPress with modern plugins and SEO optimizations, but suffers from critical security shortcomings due to the absence of a valid SSL certificate and lack of HTTPS support. Security headers are present but insufficient to compensate for the missing encryption. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. Contact information is clearly provided, enhancing business credibility. Overall, the site is content-rich and professionally maintained but urgently requires SSL/TLS remediation to improve security posture and trust.

F

feibra GmbH

feibra.at

0

feibra GmbH is a well-established Austrian company specializing in direct marketing and mailing services, including unaddressed and addressed mailings, campaign planning, and geomarketing. The company benefits from over 60 years of experience and is a subsidiary of the Österreichische Post Aktiengesellschaft, positioning it strongly in the Austrian media and marketing sector. The website targets businesses and marketing professionals seeking effective direct marketing solutions across Austria. Technically, the website is built on WordPress with a modern plugin ecosystem and SEO optimization, but lacks a valid SSL certificate, which is a critical security gap. The security posture is basic with some security headers present but no active TLS protocols or certificate transparency compliance. Privacy compliance is good with clear privacy and cookie policies and consent mechanisms in place. Overall, the site is professional and trustworthy but requires urgent improvements in SSL/TLS configuration to enhance security and user trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

B

Bombardier Recreational Products

brp.com

0

Bombardier Recreational Products (BRP) is a global leader in the manufacturing and retail of recreational vehicles including snowmobiles, all-terrain vehicles, 3-wheel motorcycles, and personal watercraft. The company maintains a strong market position with multiple well-known brands such as Ski-Doo, Lynx, Sea-Doo, and Can-Am. The website reflects a professional and comprehensive digital presence targeting consumers and enthusiasts in the powersports industry. Technically, the site leverages modern technologies including Adobe Experience Manager, Google Tag Manager, and Dynatrace monitoring, indicating a mature digital infrastructure. However, a critical security weakness is the absence of a valid SSL certificate, which undermines the security posture and user trust. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. Overall, the site is content-rich and professionally designed but requires urgent remediation of SSL issues to ensure secure user interactions.

The website at fci.com is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) security challenge page that blocks content unless JavaScript and cookies are enabled. This prevents any meaningful extraction of business or content data. The domain is registered and DNS records indicate active email routing through Mimecast, suggesting legitimate business use. However, the lack of a valid SSL certificate and HTTPS configuration is a critical security weakness. No privacy, cookie, or terms of service policies are present, and no contact information or business descriptions are available on the accessible page. The site relies on Cloudflare for security and hosting, but the absence of modern TLS protocols and HSTS reduces its security posture. Overall, the site appears to be protected by Cloudflare but is not currently accessible for detailed analysis.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 12 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

The domain hexa.at currently serves as a simple redirect to an external corporate website (nagarro.com). There is no substantive content on the landing page, no privacy or cookie policies, and no contact information provided. The technical infrastructure is minimal, running on an Apache server without HTTPS enabled, which presents significant security risks. DNS and mail configurations indicate use of Microsoft Outlook protection services, and the domain is registered via a reputable Austrian registrar. However, the lack of SSL/TLS and security headers severely impacts the security posture. Overall, the site functions only as a redirect with no direct business presence or user engagement on this domain.

B

Broken Rules

brokenrul.es

0

Broken Rules is an independent game development studio established in 2009, specializing in designing, developing, and publishing original digital games. The website showcases multiple award-winning titles, targeting gamers and digital entertainment audiences. The business model focuses on creative game production and distribution across multiple platforms including Apple Arcade, Nintendo Switch, Steam, and itch.io. The company maintains a consistent and professional brand presence with high-quality content and clear navigation. Technically, the website is hosted on an Apache server with basic HTML5 and CSS3 technologies. However, it lacks modern security implementations such as HTTPS, HSTS, and security headers, which significantly impacts its security posture. Performance data is unavailable, but the site appears to have basic mobile optimization and accessibility features. SEO is reasonably well implemented with proper meta tags and Open Graph data. From a security perspective, the absence of SSL/TLS encryption is a critical vulnerability, exposing users to potential data interception risks. No security policies, incident response contacts, or vulnerability disclosure mechanisms are publicly available, indicating a low maturity in security governance. The DNS configuration lacks DNSSEC and CAA records, further reducing domain security assurance. Overall, the website is functional and professional in content and design but requires urgent security improvements to protect users and enhance trust. Strategic recommendations include enabling HTTPS, implementing security headers, and establishing clear privacy and incident response policies.

G

GE Capital

gecapital.com

0

GE Capital operates as the financial services arm aligned with General Electric's industrial businesses, providing leasing, lending, retail credit, real estate financing, and mortgage services globally. The website reflects a professional and consistent brand presence with clear business descriptions and multiple regional contact points, targeting industrial customers seeking financial solutions. Technically, the site is built on Drupal 10 with Bootstrap and hosted behind Cloudflare, indicating a modern infrastructure. However, the absence of a valid SSL certificate and disabled TLS protocols represent significant security weaknesses that undermine secure communications. Privacy and cookie policies are well linked to official GE domains, showing good compliance posture, but no explicit security or incident response policies are found. Overall, the site is professional and credible but requires urgent security improvements to meet enterprise standards.

F

Fusonic GmbH

fusonic.net

0

Fusonic GmbH is a medium-sized technology company based in Austria, specializing in software development and UX design with a strong regional presence in Vorarlberg. The company offers a broad range of digital services including software modernization, MVP development, service and process optimization, digital strategy consulting, data analysis, and artificial intelligence solutions. Their market position is supported by over 100 successful projects and long-term partnerships, targeting a wide audience including various industries. The website content is professionally presented with excellent design, clear navigation, and relevant business information. Technically, the site uses modern frameworks such as Symfony and Angular, and is hosted behind Amazon CloudFront CDN, but suffers from a critical lack of valid SSL/TLS configuration, which severely impacts security posture. Security headers are partially implemented, but the absence of HTTPS and TLS protocols is a major vulnerability. Privacy compliance is good with a comprehensive privacy policy and GDPR adherence, and the use of Matomo analytics reflects privacy-conscious tracking. Overall, the website is trustworthy and professional but requires urgent security improvements to protect user data and maintain credibility.

E

Expeditors International of Washington, Inc.

expeditors.com

0

Expeditors International of Washington, Inc. is a global logistics company specializing in freight forwarding, customs brokerage, and supply chain management services. The company operates a comprehensive worldwide network and offers technology-enabled solutions to optimize logistics operations. The website reflects a professional and consistent brand presence targeting businesses requiring global transportation and supply chain services. Technically, the site uses ASP.NET and is hosted behind Cloudflare with integrations such as Google Tag Manager and HubSpot for marketing and analytics. However, the security posture is weakened by the absence of a valid SSL certificate and lack of TLS protocol support, which is a critical vulnerability. Privacy and cookie policies are comprehensive and GDPR compliant, with consent mechanisms in place. Overall, the site is functional and credible but requires urgent improvements in SSL/TLS security to protect user data and maintain trust.

Security assessment completed with an overall score of 0/100 (unknown risk). 4 critical issues require immediate attention. Total of 27 security findings identified across all modules.

M

Miba AG

miba.com

0

Miba AG is a large Austrian industrial company specializing in the development and production of critical components for the energy value chain and transportation sectors. Their product portfolio includes sintered parts, sliding bearings, friction linings, power electronics components, coatings, and eMobility solutions. The company maintains a strong global presence with multiple locations and a focus on sustainable and efficient energy applications. Technically, the website is built on TYPO3 CMS and uses modern JavaScript libraries, but suffers from a critical lack of a valid SSL certificate, resulting in no HTTPS support. This significantly impacts the security posture and user trust. The site includes comprehensive corporate information, social media integration, and cookie consent mechanisms, indicating good privacy compliance. However, no explicit security or incident response policies are published. Overall, the website is professional and content-rich but requires urgent security improvements to protect users and business operations.

epunkt GmbH is an established Austrian employment agency specializing in job placement and career coaching services. With a domain age of 22 years and a strong presence in Austria, the company targets job seekers and employers, offering personalized career advice and access to a broad range of job opportunities. The website is professionally designed, content-rich, and provides clear navigation and contact information, supporting a positive user experience and trustworthiness. Technically, the site uses nginx as the server and integrates NewRelic for performance monitoring. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, exposing users to potential risks. Privacy and cookie policies are present and GDPR compliant, with consent mechanisms implemented. Overall, the business is credible and well-positioned in its market, but immediate remediation of security issues is essential.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 7 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

P

Pierre Fabre Laboratories

pierre-fabre.com

0

Pierre Fabre Laboratories is a well-established French pharmaceutical and dermocosmetics group with a global presence and a strong portfolio of brands. The company focuses on developing innovative healthcare and beauty solutions inspired by patients and consumers. Their website reflects a mature digital presence with comprehensive content, multilingual support, and clear business information. However, the technical infrastructure shows weaknesses, particularly in security, as the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical issue for user trust and data protection. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism implemented via OneTrust. Overall, the website is professional and trustworthy but requires urgent security improvements to meet modern standards.

Austrian Airlines AG operates a comprehensive and professional airline website targeting global travelers seeking flights and related travel services. The site offers extensive booking options, flight management, and loyalty program integration, reflecting a mature digital presence consistent with a major European airline and Lufthansa Group member. The technical infrastructure leverages modern web technologies including Apache server, Adobe Helix, and Maui Design System, with content delivery optimized via Akamai CDN. However, performance metrics indicate slow loading times, suggesting room for optimization. Security posture reveals critical gaps, notably the absence of a valid SSL certificate and disabled TLS protocols, which significantly undermine user trust and data protection. While security headers and content policies are well implemented, the lack of HTTPS is a major concern. Privacy compliance is strong with a comprehensive privacy policy and GDPR adherence, though cookie consent mechanisms are not clearly detected. Overall, the website is highly professional and credible but requires urgent remediation of SSL/TLS issues to ensure secure user interactions and compliance with modern security standards.

KTM AG is a well-established Austrian motorcycle manufacturer with a strong market presence and a focus on transparent communication with investors and the public. The website reflects a professional corporate image with clear navigation and relevant business content. Technically, the site is built on WordPress using the Divi theme and integrates modern marketing and analytics tools such as Google Tag Manager and OneTrust for cookie consent. However, the absence of a valid SSL certificate and HTTPS significantly undermines the site's security posture, exposing visitors to potential risks. No explicit security or incident response policies are published, which could be a concern for stakeholders. Overall, while the business credibility and content quality are good, the technical and security aspects require urgent improvement to meet modern standards.

L

Lam Research

lamresearch.com

0

Lam Research Corporation is a leading enterprise in the semiconductor manufacturing technology sector, providing advanced equipment and solutions that enable chipmakers to innovate at the atomic scale. The website reflects a mature, well-structured corporate presence with comprehensive information on products, customer support, careers, investors, and environmental, social, and governance (ESG) initiatives. The company targets semiconductor industry professionals, investors, and potential employees globally, with multilingual support and dedicated portals. Technically, the website is built on WordPress CMS hosted on WP Engine and utilizes Cloudflare CDN for delivery. It incorporates modern JavaScript frameworks such as React and libraries like GSAP and amCharts for interactive content. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security deficiency. Despite this, the site implements several security headers and a cookie consent mechanism, indicating attention to privacy compliance. Security posture is weakened by the absence of HTTPS and TLS protocols, exposing users to potential risks. No critical vulnerabilities or exposed sensitive data were detected in the content. The domain registration and DNS configurations align with a legitimate enterprise, with no suspicious patterns. Overall, the site demonstrates strong business credibility and content quality but requires urgent security improvements. Strategic recommendations include immediate deployment of a valid SSL certificate, enabling modern TLS protocols, and enhancing security configurations to protect user data and improve trust. The company should also continue to maintain comprehensive privacy and security policies to comply with global regulations and foster user confidence.

Waagner Biro is a large, established company specializing in bridge systems, stage systems, steel and glass constructions, and bridge services, primarily targeting industrial and infrastructure sectors. The website acts mainly as a portal linking to specialized subsidiaries, reflecting a segmented business model focused on engineering and manufacturing. Technically, the site is basic with minimal content and limited modern web features. It uses Apache server technology but lacks HTTPS, which is a critical security deficiency. The absence of privacy and cookie policies on the main domain, as well as no contact information, reduces user trust and compliance posture. Security posture is weak due to missing SSL/TLS, lack of security headers, and incomplete DNS/email security configurations. Overall, the site is functional but requires significant improvements in security and privacy compliance to meet modern standards.

Ö

ÖAMTC - Österreichischer Automobil-, Motorrad- und Touring Club

oeamtc.at

0

ÖAMTC is a large, well-established Austrian automobile and touring club serving over 2 million members. The organization provides a wide range of services including roadside assistance, insurance, travel planning, and member benefits. The website reflects a strong brand presence with comprehensive content and multimedia offerings targeting motorists and travelers in Austria. Technically, the site uses modern technologies such as nginx, RequireJS, JW Player, and integrates with multiple third-party services for analytics and advertising. However, a critical security issue is the lack of a valid SSL certificate and absence of HTTPS support, which significantly impacts the security posture. Privacy and cookie policies are comprehensive and GDPR compliant, with a consent management platform in place. Overall, the site is professional and trustworthy but requires urgent remediation of its SSL configuration to ensure secure user interactions.

BMW.at is the official website for BMW Austria, providing comprehensive information on premium vehicles, including electric and hybrid models, leasing and financing options, and after-sales services. The site targets automotive customers in Austria, emphasizing BMW's premium brand positioning and extensive product offerings. The website is built on a robust technical infrastructure leveraging Adobe Experience Manager and Akamai CDN, ensuring a modern and responsive user experience. Despite the advanced infrastructure, the site currently suffers from an invalid SSL certificate, which undermines its security posture. Security headers are partially implemented, but improvements are needed to fully secure user interactions and data. Privacy and cookie policies are well-presented and GDPR compliant, reflecting BMW's commitment to data protection. Overall, the site demonstrates high professionalism and trustworthiness, with strong brand consistency and extensive content relevant to its audience.

Accenture's SAP Customer Experience website presents a comprehensive and professional digital presence showcasing their partnership with SAP and their extensive capabilities in delivering customer experience solutions. The site targets global enterprises seeking advanced SAP commerce and customer data management services. Technically, the site leverages Adobe Experience Manager, integrates multiple analytics and marketing tools, and is hosted on AWS CloudFront. However, a critical security concern is the invalid or missing SSL certificate and lack of modern TLS protocol support, which significantly impacts the security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site reflects a mature business with strong market positioning but requires urgent remediation of SSL and TLS issues to ensure secure user interactions.

E

EV Group (EVG)

evgroup.com

0

EV Group (EVG) is a well-established company specializing in semiconductor manufacturing equipment and process solutions, including wafer bonding, lithography, and metrology. The company targets semiconductor manufacturers and related industries, positioning itself as a leading supplier with a global presence. The website reflects a professional and comprehensive digital presence with multilingual support and detailed product and technology information. Technically, the site is built on TYPO3 CMS and uses modern tools like Cookiebot and Google Tag Manager, but lacks a valid SSL certificate, which is a significant security concern. Security headers are partially implemented, but the absence of HTTPS and TLS protocols severely impacts the security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the website is professional and credible but requires urgent security improvements to protect user data and maintain trust.

F

FH Technikum Wien

technikum-wien.at

0

FH Technikum Wien is Austria's only purely technical university of applied sciences, offering a broad and practice-oriented range of study programs. The institution holds a leading market position in Austria's technical education sector, evidenced by its top ranking in the Industriemagazin and multiple certifications including sustainability and quality management awards. The website reflects a mature digital presence built on modern technologies such as Next.js and React, with good SEO, accessibility, and user experience. However, the absence of a valid SSL certificate is a critical security gap that undermines trust and secure communications. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the institution demonstrates strong business credibility and digital maturity but must urgently address its SSL/TLS configuration to improve security posture.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

I

IL – Ingenieurbüro Laabmayr & Partner ZT GesmbH.

laabmayr.at

0

Ingenieurbüro Laabmayr & Partner ZT GesmbH. is a specialized engineering consultancy based in Salzburg, Austria, with a focus on tunnel construction and civil engineering projects. Founded in 1975, the company has established a solid reputation for reliable and punctual project delivery, serving both alpine and urban tunnel projects internationally. Their key services include tunnel construction, comprehensive project services under 'Tunnel Plus', engineering construction, and rock/ground construction. The website reflects a professional business presence with clear service offerings and contact information.

V

voestalpine AG

voestalpine.com

0

voestalpine AG is a globally leading steel and technology group with a strong market position in manufacturing and industrial sectors such as automotive, aerospace, energy, and railway systems. The company operates worldwide with a large enterprise footprint and emphasizes sustainability and innovation through initiatives like the greentec steel program. The website reflects a mature digital presence with multilingual support, comprehensive corporate and investor information, and active social media engagement. Technically, the site uses modern tools including Usercentrics for consent management and JW Player for media, hosted on AWS CloudFront CDN. However, a critical security weakness is the invalid or missing SSL certificate and lack of enabled TLS protocols, which significantly impacts the security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Contact information is clearly provided, though no direct company emails are visible. Overall, the site is professional and trustworthy but requires urgent SSL and TLS remediation to ensure secure user interactions.

W

WeAreDevelopers

wearedevelopers.com

0

WeAreDevelopers operates as Europe’s leading developer community platform, providing a comprehensive ecosystem for developers and companies to connect through job boards, events, and educational content. The platform hosts major events such as the WeAreDevelopers World Congress and offers extensive resources including tech talks and salary calculators. Their market position is strong within the European technology sector, targeting developers and tech companies with a large and active user base. Technically, the website is built on modern frameworks such as Nuxt.js and Vue.js, hosted via Cloudflare with Imgix for image delivery, and integrates video content hosted on Vimeo. The site demonstrates good design quality, mobile responsiveness, and SEO practices, although performance metrics are unavailable. Accessibility is basic but present. From a security perspective, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical vulnerability impacting user trust and data security. Other security headers are partially implemented but insufficient. Privacy and cookie policies are present and indicate GDPR compliance, supporting responsible data handling. Overall, the platform is professionally managed with strong business credibility and content quality but requires urgent improvements in security infrastructure to protect users and maintain trust. Strategic recommendations include immediate SSL deployment, enabling HTTPS, and enhancing security headers and practices.

M

MED-EL Medical Electronics

medel.com

0

MED-EL Medical Electronics is a mature and globally recognized healthcare company specializing in hearing implants and solutions. Their website provides comprehensive information about cochlear implants, middle ear implants, bone conduction systems, and related accessories, targeting individuals with hearing loss and healthcare professionals. The company maintains a strong market position as a leading hearing implant provider with a large operational scale and a well-established brand since 1996. The website content is professionally curated, with clear navigation and multilingual support, reflecting a high level of digital maturity.

H

Hotel Restaurant Höldrichsmühle

hoeldrichsmuehle.at

0

Hotel Restaurant Höldrichsmühle is a historic hospitality business located in Hinterbrühl, Austria, offering hotel accommodation, restaurant services, seminar facilities, wedding venues, and equestrian activities. The business targets tourists, local visitors, and corporate clients seeking event spaces near Vienna. The website is built on WordPress with modern plugins and SEO optimizations, providing a good user experience and clear navigation. However, the absence of a valid SSL certificate is a critical security flaw that undermines user trust and data protection. The site implements cookie consent mechanisms and displays contact information prominently, but lacks advanced security policies and incident response contacts. Overall, the business appears legitimate and well-established, but the website's security posture requires urgent improvement to meet modern standards.

G

Getzner Werkstoffe GmbH

getzner.com

0

Getzner Werkstoffe GmbH is a well-established company specializing in vibration isolation solutions for the railway, construction, and industrial sectors. With over 50 years of expertise, the company manufactures innovative polyurethane elastomers and elastic modules that reduce noise and vibrations, enhancing product longevity and application suitability. The website reflects a strong market position with comprehensive product and service information targeting construction professionals, urban developers, and industrial clients. Technically, the website employs modern tools such as Google Tag Manager and Matomo Analytics, indicating a mature digital infrastructure. However, the absence of a valid SSL/TLS certificate and minimal security headers represent significant security vulnerabilities. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Security posture is currently weak due to lack of HTTPS and related best practices, exposing users to potential risks. WHOIS data confirms the domain's legitimacy and long-term registration, supporting business credibility. Overall, the website is professional and content-rich but requires urgent security improvements to protect users and enhance trust.

T

Trayport Limited

visotech.at

0

Trayport Limited operates a comprehensive energy trading platform connecting traders, brokers, and exchanges globally, with a strong focus on power, gas, and carbon markets. Their flagship product, Joule, offers extensive market access and analytics, positioning them as a key player in the energy trading software sector. The website reflects a mature digital presence with rich content and clear navigation tailored to energy market participants. Technically, the site leverages modern web technologies including WordPress, Alpine.js, and Mapbox for interactive features, but lacks HTTPS support, which is a critical security shortfall. Security posture is weak due to the absence of SSL/TLS and security headers, exposing users to potential risks. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the business appears legitimate and professionally presented, but urgent improvements in security infrastructure are recommended.

I

iC Consulenten Ziviltechniker GesmbH

ic-group.org

0

iC Consulenten Ziviltechniker GesmbH is a well-established Austrian engineering consultancy firm specializing in integrative solutions across construction, transportation, environment, and energy sectors. With over 22 years of operation and multiple international offices, the company serves clients requiring complex, interdisciplinary project management and engineering expertise. Their website reflects a professional presence with detailed service offerings and a strong partner network. Technically, the site is built on TYPO3 CMS with modern frontend technologies but lacks HTTPS, which is a critical security deficiency. The absence of SSL/TLS exposes visitors to significant risks and undermines trust. Privacy compliance is addressed with a cookie consent mechanism and a privacy policy, though incident response and vulnerability disclosure mechanisms are absent. Business legitimacy is strong, supported by consistent WHOIS data and trust indicators such as certifications and social media presence. Strategic improvements in security posture, especially enabling HTTPS and enhancing security headers, are essential to protect users and improve overall trust.

D

Deisl-Beton Ges.m.b.H.

deisl-beton.at

0

Deisl-Beton Ges.m.b.H. is an Austrian company specializing in the manufacturing and distribution of concrete and related construction materials, including transport concrete, aggregates, dry spray concrete, recycling products, and natural stones. The company also provides logistics services such as fleet management and concrete pumps. The website serves as an informational portal for customers and partners, primarily targeting construction professionals and businesses within Austria. The market position appears regional with a focus on quality and service. Technically, the website is built on WordPress 6.1.7, hosted by Futureweb GmbH, and served via Apache. The site uses standard web technologies including jQuery but lacks modern performance optimizations and mobile responsiveness is basic. The absence of HTTPS and a valid SSL certificate is a significant technical and security deficiency, exposing users to risks. No advanced SEO or accessibility features are evident, and performance metrics are missing. From a security perspective, the site lacks HTTPS, HSTS, OCSP stapling, and security headers, which are critical for protecting user data and ensuring trust. No privacy, cookie, or terms of service policies are present, indicating poor compliance with GDPR and related regulations. Contact information is clearly provided, but no incident response or security policy details are available. The domain registration is consistent and legitimate, registered with a reputable Austrian registrar. Overall, the website presents moderate business credibility but suffers from critical security and privacy shortcomings. Strategic improvements in SSL implementation, security headers, and privacy compliance are urgently recommended to enhance trust and protect users. Technical modernization and performance optimization would also benefit user experience and SEO.

N

NTS

nts.eu

0

NTS is a well-established IT services and solutions provider based in Austria, specializing in network infrastructure, security, data center, collaboration, cloud services, and artificial intelligence platforms. The company targets businesses and organizations seeking comprehensive digital transformation and managed services. Their market position is strong regionally with a broad portfolio of key services and a consistent brand presence. Technically, the website is built on WordPress with modern plugins and tracking tools, but suffers from critical security shortcomings due to the lack of a valid SSL certificate and disabled TLS protocols. Security headers are well implemented, but the absence of HTTPS significantly undermines the security posture. Privacy compliance is robust with clear cookie and privacy policies and consent mechanisms. Overall, the website is professional and content-rich, but the lack of HTTPS is a critical risk that must be addressed immediately.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

ams-OSRAM AG is a global leader in innovative light and sensor solutions, offering a broad portfolio including high-performance LEDs, lasers, mixed-signal analog ICs, and sensors tailored for automotive, industrial, medical, and consumer applications. The company positions itself as a technology innovator with a strong focus on quality and customer engagement, supported by comprehensive investor relations and sustainability initiatives. The website reflects a mature digital presence with modern frameworks and a professional design, targeting B2B customers and industry partners worldwide. However, the absence of a valid SSL certificate is a critical security gap that undermines trust and secure communications. Privacy compliance is well addressed with clear policies and consent management mechanisms. Overall, the company demonstrates strong business credibility and digital maturity but must urgently address its SSL/TLS configuration to enhance security posture.

S

STRABAG SE

strabag.com

0

STRABAG SE is a leading European construction and technology company specializing in infrastructure, building construction, and specialized construction sectors. The company emphasizes innovation, sustainability, and quality, positioning itself as a market leader with a comprehensive portfolio of services including road construction, civil engineering, and tunneling. The website content reflects a mature enterprise with a strong focus on ESG principles and investor relations, targeting investors, clients, and partners in the construction and infrastructure sectors. Technically, the website employs standard web technologies such as jQuery and custom JavaScript, hosted on Microsoft Azure with DNS managed via AWS. While the site is content-rich and well-structured with good SEO and mobile optimization, it suffers from critical security shortcomings, notably the absence of a valid SSL/TLS certificate and HTTPS support, which severely impacts its security posture. Security analysis reveals a lack of essential security headers, no DNSSEC or CAA records, and no advanced SSL features like OCSP stapling or session resumption. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism, but incident response and vulnerability disclosure policies are not evident. Overall, STRABAG SE's website demonstrates strong business credibility and content quality but requires urgent security improvements to protect user data and enhance trust. Strategic recommendations include implementing HTTPS, enabling security headers, and adopting DNS security measures to align with best practices.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

The website greiner-extrusion.at is currently inaccessible, displaying a 'This store is unavailable' error page with an HTTP 500 status code. The lack of any meaningful content, contact information, or business details severely limits the ability to assess the company's market position or services. The domain is registered through a reputable registrar and uses Google Domains nameservers, but no SSL certificate is installed, and HTTPS is not enabled, which is a critical security deficiency. Performance is extremely poor with a very slow load time and no page content delivered. No privacy or cookie policies are present, indicating non-compliance with GDPR and other privacy regulations. Overall, the site lacks professionalism and trustworthiness in its current state.

HOT Engineering GmbH operates a professional website serving the energy sector, specializing in consultancy, laboratory services, software, and training focused on underground energy storage and oil & gas field development. The company positions itself as a leading provider with a mature domain and a consistent business presence. The technical infrastructure is based on WordPress with common plugins and hosted by Hetzner, but lacks HTTPS, which is a critical security gap. The site includes cookie consent mechanisms and privacy policies compliant with GDPR, reflecting good privacy practices. However, the absence of SSL/TLS encryption significantly impacts the security posture and overall trustworthiness. Strategic improvements in security configuration are essential to protect user data and enhance credibility.

U

USound

usound.com

0

USound is a technology company specializing in MEMS speaker technology designed for integration into advanced audio devices such as TWS earbuds, headphones, AR/VR glasses, audio glasses, and hearing aids. The company positions itself as an innovator in the audio technology market, offering products with superior form factors, low power consumption, and high audio fidelity. Their website provides comprehensive product catalogs, technical documentation, and application insights targeting manufacturers and developers in the wearable and hearable device sectors. Technically, the website is built on WordPress with a modern tech stack including React, jQuery, and various plugins for enhanced user experience. However, the site lacks HTTPS, which is a critical security vulnerability. The security posture is basic with no advanced headers or SSL configuration, but no known vulnerabilities or exposed sensitive data were detected. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website is professional and trustworthy but requires urgent security improvements to enable HTTPS and enhance security headers.

Ö

Öresundskraft AB

oresundskraft.se

0

Öresundskraft AB is a well-established Swedish energy company with over 160 years of history, providing a broad range of energy and communication services including electricity, district heating, gas, fiber internet, solar cells, battery solutions, and electric vehicle charging. The company targets both private consumers and businesses, positioning itself as a regional leader in sustainable and renewable energy solutions. The website reflects a professional and comprehensive digital presence with clear navigation, rich content, and strong branding consistency. Technically, the site is built on ASP.NET MVC hosted on Microsoft Azure, utilizing modern marketing and analytics tools such as Usercentrics CMP, Weglot for translations, Google Tag Manager, and Microsoft Application Insights. Accessibility and mobile optimization are well addressed. However, a critical security weakness is the absence of a valid SSL/TLS certificate, resulting in no HTTPS support, which significantly undermines user security and trust. Privacy compliance is strong with clear GDPR and cookie policies and consent mechanisms. Business credibility is high with transparent contact information and active social media engagement. Strategic recommendations include immediate implementation of HTTPS, enhancement of security headers, and publication of security policies and incident response information to improve overall security posture and trust.