Security Directory

R

Rosendahl Nextrom GmbH

rosendahlnextrom.com

0

Rosendahl Nextrom GmbH is a well-established global leader in production technologies serving the battery, cable & wire, and optical fiber industries. The company offers sophisticated manufacturing equipment and tailor-made solutions, targeting industrial manufacturers worldwide. The website reflects a mature business with a professional digital presence, including multi-language support and structured data for SEO. Technically, the site uses WordPress with Elementor and performance optimizations like WP Rocket, hosted behind Cloudflare CDN. However, a critical security gap exists as the site lacks HTTPS/SSL encryption, exposing users to potential risks. Privacy compliance is addressed with a privacy policy and cookie consent via Cookiebot. Business credibility is strong with clear contact forms and parent company affiliation to KNILL Gruppe. Overall, the site is content-rich and professionally maintained but requires urgent security improvements.

R

recomresearch.com

recomresearch.com

0

The website recomresearch.com is a mature domain registered since 1999 but currently serves as a parked domain with minimal content focused on advertising and related search results. There is no clear business description, contact information, or services offered, indicating it is not an active commercial site. The technical infrastructure relies on Bodis domain parking and Google advertising scripts, with no CMS or modern web frameworks detected. Performance is poor with a high load time, and mobile optimization is basic. Security posture is weak due to the absence of HTTPS, security headers, and DNSSEC, exposing the site to potential risks. Privacy compliance is minimal, lacking cookie consent mechanisms despite ad scripts. Overall, the site has low trustworthiness and business credibility, primarily serving as a monetized placeholder domain.

D

DDB Worldwide

tribalworldwide.com

0

DDB Worldwide is a highly ranked global advertising agency specializing in creative advertising and marketing services. The company operates an enterprise-level website built on WordPress, hosted on WP Engine and served via Cloudflare CDN, leveraging modern web technologies such as jQuery, Axios, and ReactPress. The website features professional design, clear navigation, and comprehensive privacy and cookie policies, indicating a mature digital presence. However, the absence of a valid SSL certificate significantly undermines the site's security posture, exposing users to potential risks and reducing trust. Security headers are well configured but cannot compensate for the lack of HTTPS. Contact information is limited to email addresses without phone numbers or physical addresses, and no explicit security or incident response policies are published. Overall, the site demonstrates good business credibility and privacy compliance but requires urgent security improvements.

PSI Software SE operates the website psimetals.com, providing specialized production management software solutions for the metals industry, including steel, aluminum, and copper manufacturing. Their flagship product, PSImetals, integrates SCM, APS, and MES functionalities to optimize production and logistics, with a strong emphasis on sustainability and decarbonization. The company targets industrial manufacturers seeking to improve operational efficiency and meet environmental standards. The website demonstrates a mature digital presence with comprehensive content, case studies, and customer references, reflecting a well-established market position. Technically, the site is built on TYPO3 CMS and leverages modern JavaScript libraries such as Vue.js, Axios, and Parsley.js for enhanced user experience and form validation. However, performance metrics are lacking, and the SSL/TLS configuration is critically deficient, with no valid certificate and no TLS protocols enabled, severely impacting security posture. The site includes privacy and cookie policies compliant with GDPR, and uses Google Analytics and Tag Manager for user tracking at a moderate level. Security-wise, while several security headers are implemented, the absence of a valid SSL certificate and HTTPS enforcement is a major vulnerability. DNS security features like DNSSEC and CAA are not enabled, and domain protection locks are missing, which could expose the domain to hijacking risks. No explicit incident response or security policy information is available on the site. Overall, the website is professional and content-rich but requires urgent security improvements to protect user data and maintain trust. Strategic recommendations include obtaining a valid SSL certificate, enabling modern TLS protocols, enhancing DNS security, and publishing clear security and incident response policies.

D

Die Presse Verlags-Gesellschaft m.b.H. & Co KG

diepresse.com

0

Die Presse is a prominent Austrian media company operating a comprehensive online news portal offering premium journalism, podcasts, videos, and newsletters targeting German-speaking audiences primarily in Austria. The website demonstrates a mature digital infrastructure leveraging modern JavaScript frameworks (Vue.js), advanced consent management (Didomi), and multiple advertising and analytics platforms. However, the security posture is notably weak due to the absence of a valid SSL certificate and disabled TLS protocols, exposing users to potential risks. Privacy compliance is robust with clear policies and consent mechanisms in place. Overall, the site is professionally designed and content-rich but requires urgent security improvements to protect user data and maintain trust.

Condor is a well-established airline focused on providing affordable flights primarily between the USA, Canada, and Europe. The website offers comprehensive flight booking services, flexible fare options, and travel extras such as seat reservations and baggage management. The company targets travelers seeking convenient and cost-effective air travel solutions. Technically, the website is built on TYPO3 CMS and leverages Akamai CDN for content delivery, with modern JavaScript frameworks and cookie consent managed by Usercentrics, indicating a mature digital infrastructure. However, a critical security gap exists due to the absence of a valid SSL certificate and lack of HTTPS support, which severely impacts the security posture and user trust. Privacy compliance is well addressed with GDPR-consistent cookie consent mechanisms and clear privacy policies. Overall, the website is professional and user-friendly but requires urgent security improvements to protect user data and ensure secure transactions.

D

Design Storz GmbH

designstorz.com

0

Design Storz GmbH is a small, established Austrian design studio with over 38 years of experience specializing in automotive, product, graphic design, branding, and design strategy. The company serves international clients including major automotive brands and consumer product companies. The website is built on WordPress using popular plugins and page builders, presenting professional content and clear navigation primarily in German. However, the technical infrastructure lacks a valid SSL certificate and modern TLS protocols, exposing the site to security risks. Privacy and cookie policies are present and indicate GDPR compliance, but no explicit security or incident response policies are found. Overall, the business credibility is moderate, supported by consistent WHOIS data and a clear contact presence. The security posture is weak due to missing HTTPS and security headers, which should be addressed urgently to protect user data and improve trust.

Ing. Michael Josef EDER operates a small, specialized Baumeister (master builder) business based in Hallein, Austria, offering comprehensive construction planning, execution, management, and consultancy services primarily for private residential, commercial, and industrial clients. The company has an established local presence since 1995 and demonstrates professionalism through certifications and clear contact information. Technically, the website is built on WordPress with Elementor and Yoast SEO, showing good SEO and mobile optimization but suffers from critical security shortcomings due to the absence of a valid SSL certificate and modern TLS protocols. The security posture is weak, lacking essential HTTPS encryption and advanced security headers, which poses risks to user data and trust. Privacy compliance is adequate with a cookie consent mechanism and a privacy policy page, but no incident response or security policy information is provided. Overall, the website is functional and professional but requires urgent security improvements to protect visitors and enhance trust.

C

Comprehensive Nuclear-Test-Ban Treaty Organization

ctbto.org

0

The Comprehensive Nuclear-Test-Ban Treaty Organization (CTBTO) operates as an international governmental entity dedicated to monitoring and enforcing the ban on nuclear tests globally. The organization provides key services including verification regimes, international monitoring systems, data analysis, and on-site inspections, targeting member states, researchers, civil society, and media. The website reflects a professional and authoritative presence consistent with its mission and audience. Technically, the site is built on Drupal 10 with modern frameworks and is hosted behind Cloudflare, leveraging Google Analytics and other monitoring tools. The site is mobile-optimized and well-structured, though performance metrics are unavailable. Security headers are implemented, but a critical issue is the absence of a valid SSL certificate and disabled TLS protocols, which significantly impacts the security posture. Security-wise, while the organization employs good header policies and content security policies, the lack of HTTPS and proper TLS support is a major vulnerability. No incident response or security policy pages were found, and cookie consent mechanisms are missing despite tracking usage. DNS records show malformed CAA entries and no DNSSEC, which could be improved. Overall, the site is trustworthy and professional but requires urgent remediation of SSL/TLS issues and enhancement of privacy compliance mechanisms to improve security and user trust.

T

TTX

ttx.com

0

TTX is a well-established transportation company specializing in railcar pooling and maintenance services across North America. Founded in 1955, it operates a large fleet and extensive maintenance network, serving the rail industry with innovative logistics solutions. The website reflects a mature business with comprehensive service offerings and a clear market position. Technically, the site is built on WordPress with modern libraries and integrates Google Maps and analytics, but suffers from an invalid SSL certificate and lack of HTTPS enforcement, which impacts security posture. Security headers are present, but critical SSL/TLS configurations are missing, exposing the site to potential risks. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site is professional and trustworthy but requires urgent SSL and security improvements to meet modern standards.

S

Sony DADC Europe GmbH

sonydadc.com

0

Sony DADC Europe GmbH operates a professional and comprehensive website presenting itself as a leading end-to-end supply chain and manufacturing service provider primarily serving the entertainment industry. The company offers a broad range of services including micro optics, manufacturing, assembly and packaging, logistics, and global business services. The website is well-structured, professionally designed, and targets B2B clients requiring specialized supply chain solutions. Technically, the site is built on WordPress with common libraries such as jQuery and Swiper.js, and includes SEO optimizations and accessibility features. However, a critical security weakness is the lack of a valid SSL certificate and proper HTTPS configuration, which severely impacts the security posture and user trust. Privacy and cookie policies are comprehensive and GDPR compliant, but no incident response or vulnerability disclosure information is provided. Overall, the site is credible and trustworthy but requires urgent security improvements to protect user data and ensure secure communications.

D

dsm-firmenich

dsm.com

0

dsm-firmenich is a global enterprise combining expertise in health, nutrition, bioscience, and fragrance industries with a strong heritage of over 150 years. The company operates multiple business units serving B2B clients worldwide, with a significant workforce and substantial revenue. The website reflects a mature digital presence built on Adobe Experience Manager, integrating advanced marketing and analytics tools. However, the security posture is weakened by an invalid SSL certificate and lack of TLS support, which poses risks to user trust and data security. Privacy and cookie policies are well implemented, supporting GDPR compliance. Overall, the site is professional and trustworthy but requires urgent remediation of SSL issues to improve security and user confidence.

S

Stieglbrauerei zu Salzburg GmbH

stiegl.at

0

Stiegl Privatbrauerei is Austria's leading private brewery with a rich heritage dating back to 1492. The company offers a broad portfolio of beer specialties, operates an online shop, and provides B2B distribution and technical services. The website reflects a mature digital presence with professional design, comprehensive content, and active marketing integrations. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap that undermines user trust and data protection. The site implements GDPR-compliant privacy and cookie policies with consent mechanisms, indicating good privacy awareness. Overall, the business is well-established and credible, but urgent improvements in security infrastructure are recommended.

P

Peek & Cloppenburg B.V. & Co. KG

peek-cloppenburg.com

0

Peek & Cloppenburg B.V. & Co. KG is a well-established European fashion retailer with a strong presence in physical stores and online platforms. The company offers a curated selection of international and exclusive brands, targeting fashion-conscious consumers across multiple countries. Their business model focuses on multi-brand retailing with a significant footprint in Europe, supported by a comprehensive loyalty program and customer service infrastructure. Technically, the website is built on modern frameworks like Next.js and Magnolia CMS, leveraging Cloudflare for hosting and CDN services. The site is well-optimized for mobile and SEO, with good accessibility features. However, the security posture is weakened by an invalid SSL certificate and lack of enabled TLS protocols, which critically impacts secure communications and user trust. Privacy compliance is robust, with clear policies and consent mechanisms implemented. Overall, the site is professional and trustworthy but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

A

Addiko Bank AG

addiko.com

0

Addiko Bank AG operates as a regional digital bank serving multiple European countries with a focus on online banking products such as savings accounts and loans. The website reflects a professional and consistent brand presence with clear navigation and relevant content targeting retail and corporate banking customers. Technically, the site is built on WordPress with modern plugins and integrates multiple analytics and marketing tools. However, the security posture is weakened by the absence of a valid SSL certificate and lack of modern TLS protocol support, which is critical for a financial institution. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, while the business and technical aspects are solid, the security deficiencies pose a significant risk that must be remediated promptly.

Scheidt & Bachmann GmbH is a globally recognized provider of innovative system solutions in the transportation and energy retail sectors. Their offerings include parking management, rail signalling, fare collection systems, and energy retail solutions, serving a broad range of mobility providers worldwide. The company positions itself as a market leader with a strong focus on integrated modular solutions and sustainability. Technically, the website is built on TYPO3 CMS with a professional design and good navigation, but suffers from slow load times and lacks a valid SSL certificate, which critically impacts security. Privacy compliance is well addressed with comprehensive policies and consent mechanisms. Overall, while the business credibility and content quality are strong, the security posture requires urgent improvement to protect user data and enhance trust.

G

GrECo

greco.services

0

GrECo is a well-established insurance and risk management specialist with a strong presence in Central and Eastern Europe, operating since 1925. The company offers a broad range of services including risk consulting, cyber insurance, health and benefits, and international insurance programs. The website reflects a mature digital presence with professional design, multilingual support, and structured data for SEO. However, the technical infrastructure shows critical security weaknesses, notably the absence of a valid SSL certificate and lack of HTTPS support, which undermines user trust and data security. Privacy policies are present and GDPR compliant, but cookie consent mechanisms are minimal. Overall, the site is content-rich and credible but requires urgent security improvements to align with best practices.

L

Lexogen GmbH

lexogen.com

0

Lexogen GmbH is a specialized biotechnology company based in Vienna, Austria, focused on next generation sequencing (NGS) and transcriptomics solutions. The company offers a comprehensive portfolio of RNA analysis products, including RNA-Seq sample preparation kits, RNA spike-in controls, and bioinformatics data analysis services. Their target audience includes researchers, pharmaceutical companies, and academic institutions seeking innovative RNA sequencing and analysis solutions. Lexogen positions itself as a niche leader with ISO 9001 and ISO 13485 certifications, underscoring its commitment to quality and regulatory compliance. Technically, the website is built on WordPress using Elementor and WooCommerce, hosted on Cloudpit infrastructure. The site integrates modern web technologies such as Google Tag Manager and reCAPTCHA for analytics and security. While the site is mobile optimized and SEO friendly with good content quality and navigation, performance metrics are unavailable. The absence of a valid SSL/TLS certificate is a critical security gap, exposing users to insecure HTTP connections. From a security perspective, the site lacks HTTPS, HSTS, and other essential security headers, resulting in a low security posture score. No explicit security or incident response policies are published. Privacy compliance is strong, with a comprehensive privacy policy and cookie consent mechanism aligned with GDPR requirements. Contact information is detailed and trustworthy, including multiple phone numbers, emails, and physical addresses in Austria and the USA. Overall, Lexogen's website demonstrates strong business credibility and content quality but suffers from a critical security deficiency due to missing HTTPS. Strategic improvements in SSL implementation and security headers are essential to enhance user trust and data protection. The company’s digital maturity is moderate, with opportunities to improve technical infrastructure and security practices to better support its specialized biotech market presence.

H

Handwerkskammer Aachen

hwk-aachen.de

0

Handwerkskammer Aachen is a regional chamber of crafts in Germany representing approximately 17,400 member businesses. The organization provides a broad range of services including vocational training, further education, consulting, business start-up support, and expert services. The website reflects a well-established institution with a strong market position in the education and government sectors, targeting apprentices, craftsmen, business founders, and companies within the Aachen region. The content is rich, professionally presented, and highly relevant to its audience. Technically, the site is built on the ODAV CMS platform, utilizing modern JavaScript libraries and frameworks, but suffers from poor SSL/TLS implementation, lacking a valid certificate and modern encryption protocols. This significantly impacts the security posture of the website. Privacy compliance is well addressed with clear cookie consent mechanisms and a comprehensive privacy policy. Contact information is complete and transparent, enhancing business credibility. Overall, the website is trustworthy and professional but requires urgent security improvements to protect user data and maintain trust.

M

MIC Datenverarbeitung GmbH

mic-cust.com

0

MIC Datenverarbeitung GmbH operates as a leading global provider of customs and trade compliance cloud software solutions, serving over 1000 customers across more than 55 countries. Their SaaS offerings focus on integrated customs compliance and trade compliance systems, supported by a consistent global service organization. The website reflects a mature digital presence built on TYPO3 CMS, with professional design, clear navigation, and extensive product and service information. However, the absence of a valid SSL certificate and HTTPS support is a critical security shortfall, exposing users to potential risks. Security headers are well implemented, but the lack of TLS and HSTS reduces overall security posture. Privacy compliance is addressed with a cookie consent mechanism and a comprehensive privacy policy, though explicit GDPR compliance indicators could be enhanced. Business credibility is strong, supported by consistent WHOIS data, partner logos, and social media presence. Strategic improvements in SSL deployment and security practices are recommended to elevate trust and compliance.

Ecolab Inc. is a global enterprise specializing in water, hygiene, and infection prevention solutions and services. The company serves a broad range of industries including manufacturing, healthcare, hospitality, food and beverage processing, and energy. With a strong market position as a leader in sustainability and operational efficiency, Ecolab offers science-based solutions and data-driven insights to help customers improve safety, reduce environmental impact, and optimize operations. The website reflects a mature digital presence with comprehensive content, clear navigation, and multi-channel contact options. Technically, the website is built on the Sitecore CMS platform, leveraging modern technologies such as Coveo for search, Google Tag Manager for analytics, and OneTrust for cookie consent management. The site is hosted via Akamai CDN and integrates multiple third-party marketing and analytics tools, indicating a sophisticated digital marketing strategy. Accessibility and SEO practices are well implemented, contributing to a positive user experience. From a security perspective, the site implements strong HTTP security headers and content security policies. However, a critical issue is the invalid or missing SSL certificate and lack of enabled TLS protocols, which significantly undermines the security posture. This gap exposes the site to risks and should be addressed promptly. Privacy compliance is robust, with clear privacy and cookie policies and consent mechanisms in place. Overall, Ecolab's website demonstrates high business credibility and professionalism but requires urgent remediation of SSL/TLS issues to ensure secure communications and maintain trust. Strategic recommendations include fixing the SSL certificate, enabling modern TLS protocols, enhancing HSTS policies, and continuing to maintain strong privacy and security practices.

P

pcode

pcode.at

0

pcode is a small Austrian software agency specializing in the development and design of digital products, online shops, and custom software solutions. With approximately 8 years of experience, the company positions itself as a provider of human-centered digital experiences, emphasizing clean code, accessibility, and UX design. Their market presence is supported by client case studies and a professional online presence including social media channels. Technically, the website is built using modern technologies such as React, Nest.js, TypeScript, and Docker, hosted likely on AWS infrastructure, and developed with the Framer platform. However, a critical security weakness is the lack of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the security posture. Other security headers are present but insufficient to compensate for the missing encryption. Privacy compliance is basic, with a privacy policy found but no cookie consent mechanism or GDPR compliance indicators. Contact information is clearly provided via phone, address, and a contact form, enhancing business credibility. Overall, the website is professionally designed and functional but requires urgent security improvements to protect user data and build trust.

P

PHINIA Inc.

delphi.com

0

PHINIA Inc. is a mature, large-scale business specializing in premium fuel systems, electrical systems, and aftermarket automotive products with a strong emphasis on sustainability and innovation. The company positions itself as a market leader advancing clean transportation technologies and alternative fuels. The website reflects a professional and consistent brand image with comprehensive corporate governance and investor relations information. Technically, the site uses Sitefinity CMS, Cloudflare hosting, and integrates multiple marketing and analytics tools such as Google Analytics and HubSpot. However, the security posture is weakened by an invalid SSL certificate and lack of modern TLS support, which poses a critical risk to user trust and data security. Privacy compliance is well addressed with clear cookie and privacy policies and consent mechanisms. Overall, the site is content-rich and professionally maintained but requires urgent remediation of SSL/TLS issues to ensure secure communications.

C

Chemetall GmbH

chemetall.com

0

Chemetall GmbH is a well-established global leader in surface treatment chemical solutions, operating as a subsidiary of BASF. The company serves industrial clients across multiple sectors including aerospace, automotive, and manufacturing, providing advanced chemical technologies and laboratory services. The website reflects a professional and consistent brand presence with good content quality and clear navigation, targeting B2B industrial customers. Technically, the site uses legacy JavaScript libraries and lacks modern performance optimizations, with slow loading times and basic mobile responsiveness. Security posture is weak due to the absence of HTTPS and minimal security headers, exposing users to potential risks. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. WHOIS data confirms a mature and legitimate domain with consistent registration details. Overall, the site demonstrates solid business credibility but requires urgent improvements in security and privacy to meet modern standards.

The domain fmt.biz is registered to Christof Industries GmbH, an Austrian company with a mature domain age of 23 years. However, the website currently hosts only a default Plesk server placeholder page indicating no active web presence or business content. The technical infrastructure is minimal, running on an nginx server with no valid SSL certificate, resulting in no HTTPS support. Security headers are partially implemented but limited by the lack of HTTPS. There are no privacy, cookie, or terms of service policies, nor any contact information or forms on the site. DNSSEC and CAA records are not enabled, reducing domain security. Overall, the website lacks professional content, security maturity, and privacy compliance, resulting in a low trustworthiness score.

J

Jugend am Werk Steiermark GmbH

jaw.or.at

0

Jugend am Werk Steiermark GmbH is a leading non-profit organization in Austria's Steiermark region, providing a broad range of social services including support for people with disabilities, youth, families, and adults with mental health challenges. Their offerings encompass housing, employment, education, and community integration, positioning them as a key social service provider with a strong regional presence and multiple certifications and awards that underscore their credibility and commitment to quality. The website is built on TYPO3 CMS, hosted on a provider associated with the domain's DNS records, and employs modern web technologies such as Swiper.js and Matomo analytics. While the site is rich in content, well-structured, and accessible, it suffers from a critical security shortfall due to the absence of a valid SSL certificate and lack of HTTPS enforcement, which significantly impacts the security posture score. Privacy and cookie policies are comprehensive and GDPR compliant, with a clear consent mechanism in place. Contact information is prominently displayed and verified, enhancing business credibility. Overall, the site demonstrates strong business and content quality but requires urgent security improvements to protect user data and maintain trust.

KPMG Austria GmbH operates a comprehensive and professionally designed website representing its global network of audit, tax, advisory, and legal services. The website targets clients and potential clients primarily in Austria and German-speaking regions, offering detailed insights into their services, industries, and career opportunities. The technical infrastructure leverages Adobe Experience Manager CMS, modern JavaScript frameworks like Vue.js and React, and integrates marketing and analytics tools such as Adobe Analytics, Demandbase, Gigya, and OneTrust for privacy compliance. Despite a strong content and business presence, the website suffers from critical security shortcomings, notably an invalid SSL certificate and lack of TLS protocol support, which significantly impacts its security posture. Privacy and cookie policies are well implemented with consent mechanisms, aligning with GDPR requirements. Overall, the site demonstrates high professionalism and trustworthiness but requires urgent remediation of its SSL/TLS configuration to ensure secure user interactions.

A

AT&S Austria Technologie & Systemtechnik AG

ats.net

0

AT&S Austria Technologie & Systemtechnik AG is a globally recognized leader in high-end printed circuit boards and IC substrates, serving key industries such as aerospace, automotive, communication, and medical technology. The company demonstrates a strong market position with a comprehensive digital presence, including investor relations, career opportunities, and sustainability initiatives. Technically, the website is built on WordPress with modern tools and plugins, offering good SEO and accessibility, though performance is moderate. Security posture is weakened by the absence of a valid SSL/TLS certificate and disabled TLS protocols, which poses significant risks. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the business is credible and trustworthy, but urgent improvements in SSL/TLS configuration are recommended to enhance security and user trust.

V

Vossen

vossen.com

0

Vossen is a well-established European textile company specializing in high-quality towels, bathrobes, and bath mats, with a strong emphasis on sustainability and color variety. The website is a professionally designed e-commerce platform built on Shopify, featuring comprehensive product offerings, customer reviews, and multilingual support. The technical infrastructure leverages modern web technologies and integrates multiple third-party apps for enhanced functionality. However, the security posture is weakened by the absence of a valid SSL certificate and lack of TLS protocol support, which are critical for secure online transactions and user trust. Privacy compliance is well addressed with visible policies and consent mechanisms. Overall, the site presents a credible and professional business presence but requires urgent security improvements to ensure safe user interactions.

S

Software Daten Service Gesellschaft m.b.H.

sds.at

0

Software Daten Service Gesellschaft m.b.H. (SDS) is a medium-sized Austrian company specializing in software and services for the international financial industry, with additional focus on telecommunications and digital entertainment sectors. The company offers a comprehensive portfolio including securities processing, regulatory reporting, compliance, consulting, managed services, and professional testing. SDS benefits from a strong market position supported by its 50 years of history and affiliation with the Deutsche Telekom Group. The website reflects a professional and consistent brand image targeting financial institutions and related industries globally. Technically, the site is built on WordPress with modern plugins and SEO optimizations, but suffers from critical security shortcomings due to the absence of a valid SSL certificate and lack of HTTPS support. Security headers are present but insufficient to compensate for the missing encryption. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. Contact information is clearly provided, enhancing business credibility. Overall, the site is content-rich and professionally maintained but urgently requires SSL/TLS remediation to improve security posture and trust.

F

feibra GmbH

feibra.at

0

feibra GmbH is a well-established Austrian company specializing in direct marketing and mailing services, including unaddressed and addressed mailings, campaign planning, and geomarketing. The company benefits from over 60 years of experience and is a subsidiary of the Österreichische Post Aktiengesellschaft, positioning it strongly in the Austrian media and marketing sector. The website targets businesses and marketing professionals seeking effective direct marketing solutions across Austria. Technically, the website is built on WordPress with a modern plugin ecosystem and SEO optimization, but lacks a valid SSL certificate, which is a critical security gap. The security posture is basic with some security headers present but no active TLS protocols or certificate transparency compliance. Privacy compliance is good with clear privacy and cookie policies and consent mechanisms in place. Overall, the site is professional and trustworthy but requires urgent improvements in SSL/TLS configuration to enhance security and user trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

B

Bombardier Recreational Products

brp.com

0

Bombardier Recreational Products (BRP) is a global leader in the manufacturing and retail of recreational vehicles including snowmobiles, all-terrain vehicles, 3-wheel motorcycles, and personal watercraft. The company maintains a strong market position with multiple well-known brands such as Ski-Doo, Lynx, Sea-Doo, and Can-Am. The website reflects a professional and comprehensive digital presence targeting consumers and enthusiasts in the powersports industry. Technically, the site leverages modern technologies including Adobe Experience Manager, Google Tag Manager, and Dynatrace monitoring, indicating a mature digital infrastructure. However, a critical security weakness is the absence of a valid SSL certificate, which undermines the security posture and user trust. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. Overall, the site is content-rich and professionally designed but requires urgent remediation of SSL issues to ensure secure user interactions.

The website at fci.com is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) security challenge page that blocks content unless JavaScript and cookies are enabled. This prevents any meaningful extraction of business or content data. The domain is registered and DNS records indicate active email routing through Mimecast, suggesting legitimate business use. However, the lack of a valid SSL certificate and HTTPS configuration is a critical security weakness. No privacy, cookie, or terms of service policies are present, and no contact information or business descriptions are available on the accessible page. The site relies on Cloudflare for security and hosting, but the absence of modern TLS protocols and HSTS reduces its security posture. Overall, the site appears to be protected by Cloudflare but is not currently accessible for detailed analysis.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 12 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

B

Broken Rules

brokenrul.es

0

Broken Rules is an independent game development studio established in 2009, specializing in designing, developing, and publishing original digital games. The website showcases multiple award-winning titles, targeting gamers and digital entertainment audiences. The business model focuses on creative game production and distribution across multiple platforms including Apple Arcade, Nintendo Switch, Steam, and itch.io. The company maintains a consistent and professional brand presence with high-quality content and clear navigation. Technically, the website is hosted on an Apache server with basic HTML5 and CSS3 technologies. However, it lacks modern security implementations such as HTTPS, HSTS, and security headers, which significantly impacts its security posture. Performance data is unavailable, but the site appears to have basic mobile optimization and accessibility features. SEO is reasonably well implemented with proper meta tags and Open Graph data. From a security perspective, the absence of SSL/TLS encryption is a critical vulnerability, exposing users to potential data interception risks. No security policies, incident response contacts, or vulnerability disclosure mechanisms are publicly available, indicating a low maturity in security governance. The DNS configuration lacks DNSSEC and CAA records, further reducing domain security assurance. Overall, the website is functional and professional in content and design but requires urgent security improvements to protect users and enhance trust. Strategic recommendations include enabling HTTPS, implementing security headers, and establishing clear privacy and incident response policies.

G

GE Capital

gecapital.com

0

GE Capital operates as the financial services arm aligned with General Electric's industrial businesses, providing leasing, lending, retail credit, real estate financing, and mortgage services globally. The website reflects a professional and consistent brand presence with clear business descriptions and multiple regional contact points, targeting industrial customers seeking financial solutions. Technically, the site is built on Drupal 10 with Bootstrap and hosted behind Cloudflare, indicating a modern infrastructure. However, the absence of a valid SSL certificate and disabled TLS protocols represent significant security weaknesses that undermine secure communications. Privacy and cookie policies are well linked to official GE domains, showing good compliance posture, but no explicit security or incident response policies are found. Overall, the site is professional and credible but requires urgent security improvements to meet enterprise standards.

F

Fusonic GmbH

fusonic.net

0

Fusonic GmbH is a medium-sized technology company based in Austria, specializing in software development and UX design with a strong regional presence in Vorarlberg. The company offers a broad range of digital services including software modernization, MVP development, service and process optimization, digital strategy consulting, data analysis, and artificial intelligence solutions. Their market position is supported by over 100 successful projects and long-term partnerships, targeting a wide audience including various industries. The website content is professionally presented with excellent design, clear navigation, and relevant business information. Technically, the site uses modern frameworks such as Symfony and Angular, and is hosted behind Amazon CloudFront CDN, but suffers from a critical lack of valid SSL/TLS configuration, which severely impacts security posture. Security headers are partially implemented, but the absence of HTTPS and TLS protocols is a major vulnerability. Privacy compliance is good with a comprehensive privacy policy and GDPR adherence, and the use of Matomo analytics reflects privacy-conscious tracking. Overall, the website is trustworthy and professional but requires urgent security improvements to protect user data and maintain credibility.

E

Expeditors International of Washington, Inc.

expeditors.com

0

Expeditors International of Washington, Inc. is a global logistics company specializing in freight forwarding, customs brokerage, and supply chain management services. The company operates a comprehensive worldwide network and offers technology-enabled solutions to optimize logistics operations. The website reflects a professional and consistent brand presence targeting businesses requiring global transportation and supply chain services. Technically, the site uses ASP.NET and is hosted behind Cloudflare with integrations such as Google Tag Manager and HubSpot for marketing and analytics. However, the security posture is weakened by the absence of a valid SSL certificate and lack of TLS protocol support, which is a critical vulnerability. Privacy and cookie policies are comprehensive and GDPR compliant, with consent mechanisms in place. Overall, the site is functional and credible but requires urgent improvements in SSL/TLS security to protect user data and maintain trust.

Security assessment completed with an overall score of 0/100 (unknown risk). 4 critical issues require immediate attention. Total of 27 security findings identified across all modules.

M

Miba AG

miba.com

0

Miba AG is a large Austrian industrial company specializing in the development and production of critical components for the energy value chain and transportation sectors. Their product portfolio includes sintered parts, sliding bearings, friction linings, power electronics components, coatings, and eMobility solutions. The company maintains a strong global presence with multiple locations and a focus on sustainable and efficient energy applications. Technically, the website is built on TYPO3 CMS and uses modern JavaScript libraries, but suffers from a critical lack of a valid SSL certificate, resulting in no HTTPS support. This significantly impacts the security posture and user trust. The site includes comprehensive corporate information, social media integration, and cookie consent mechanisms, indicating good privacy compliance. However, no explicit security or incident response policies are published. Overall, the website is professional and content-rich but requires urgent security improvements to protect users and business operations.

epunkt GmbH is an established Austrian employment agency specializing in job placement and career coaching services. With a domain age of 22 years and a strong presence in Austria, the company targets job seekers and employers, offering personalized career advice and access to a broad range of job opportunities. The website is professionally designed, content-rich, and provides clear navigation and contact information, supporting a positive user experience and trustworthiness. Technically, the site uses nginx as the server and integrates NewRelic for performance monitoring. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, exposing users to potential risks. Privacy and cookie policies are present and GDPR compliant, with consent mechanisms implemented. Overall, the business is credible and well-positioned in its market, but immediate remediation of security issues is essential.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 7 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

P

Pierre Fabre Laboratories

pierre-fabre.com

0

Pierre Fabre Laboratories is a well-established French pharmaceutical and dermocosmetics group with a global presence and a strong portfolio of brands. The company focuses on developing innovative healthcare and beauty solutions inspired by patients and consumers. Their website reflects a mature digital presence with comprehensive content, multilingual support, and clear business information. However, the technical infrastructure shows weaknesses, particularly in security, as the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical issue for user trust and data protection. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism implemented via OneTrust. Overall, the website is professional and trustworthy but requires urgent security improvements to meet modern standards.

Austrian Airlines AG operates a comprehensive and professional airline website targeting global travelers seeking flights and related travel services. The site offers extensive booking options, flight management, and loyalty program integration, reflecting a mature digital presence consistent with a major European airline and Lufthansa Group member. The technical infrastructure leverages modern web technologies including Apache server, Adobe Helix, and Maui Design System, with content delivery optimized via Akamai CDN. However, performance metrics indicate slow loading times, suggesting room for optimization. Security posture reveals critical gaps, notably the absence of a valid SSL certificate and disabled TLS protocols, which significantly undermine user trust and data protection. While security headers and content policies are well implemented, the lack of HTTPS is a major concern. Privacy compliance is strong with a comprehensive privacy policy and GDPR adherence, though cookie consent mechanisms are not clearly detected. Overall, the website is highly professional and credible but requires urgent remediation of SSL/TLS issues to ensure secure user interactions and compliance with modern security standards.

KTM AG is a well-established Austrian motorcycle manufacturer with a strong market presence and a focus on transparent communication with investors and the public. The website reflects a professional corporate image with clear navigation and relevant business content. Technically, the site is built on WordPress using the Divi theme and integrates modern marketing and analytics tools such as Google Tag Manager and OneTrust for cookie consent. However, the absence of a valid SSL certificate and HTTPS significantly undermines the site's security posture, exposing visitors to potential risks. No explicit security or incident response policies are published, which could be a concern for stakeholders. Overall, while the business credibility and content quality are good, the technical and security aspects require urgent improvement to meet modern standards.

L

Lam Research

lamresearch.com

0

Lam Research Corporation is a leading enterprise in the semiconductor manufacturing technology sector, providing advanced equipment and solutions that enable chipmakers to innovate at the atomic scale. The website reflects a mature, well-structured corporate presence with comprehensive information on products, customer support, careers, investors, and environmental, social, and governance (ESG) initiatives. The company targets semiconductor industry professionals, investors, and potential employees globally, with multilingual support and dedicated portals. Technically, the website is built on WordPress CMS hosted on WP Engine and utilizes Cloudflare CDN for delivery. It incorporates modern JavaScript frameworks such as React and libraries like GSAP and amCharts for interactive content. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security deficiency. Despite this, the site implements several security headers and a cookie consent mechanism, indicating attention to privacy compliance. Security posture is weakened by the absence of HTTPS and TLS protocols, exposing users to potential risks. No critical vulnerabilities or exposed sensitive data were detected in the content. The domain registration and DNS configurations align with a legitimate enterprise, with no suspicious patterns. Overall, the site demonstrates strong business credibility and content quality but requires urgent security improvements. Strategic recommendations include immediate deployment of a valid SSL certificate, enabling modern TLS protocols, and enhancing security configurations to protect user data and improve trust. The company should also continue to maintain comprehensive privacy and security policies to comply with global regulations and foster user confidence.

Ö

ÖAMTC - Österreichischer Automobil-, Motorrad- und Touring Club

oeamtc.at

0

ÖAMTC is a large, well-established Austrian automobile and touring club serving over 2 million members. The organization provides a wide range of services including roadside assistance, insurance, travel planning, and member benefits. The website reflects a strong brand presence with comprehensive content and multimedia offerings targeting motorists and travelers in Austria. Technically, the site uses modern technologies such as nginx, RequireJS, JW Player, and integrates with multiple third-party services for analytics and advertising. However, a critical security issue is the lack of a valid SSL certificate and absence of HTTPS support, which significantly impacts the security posture. Privacy and cookie policies are comprehensive and GDPR compliant, with a consent management platform in place. Overall, the site is professional and trustworthy but requires urgent remediation of its SSL configuration to ensure secure user interactions.

BMW.at is the official website for BMW Austria, providing comprehensive information on premium vehicles, including electric and hybrid models, leasing and financing options, and after-sales services. The site targets automotive customers in Austria, emphasizing BMW's premium brand positioning and extensive product offerings. The website is built on a robust technical infrastructure leveraging Adobe Experience Manager and Akamai CDN, ensuring a modern and responsive user experience. Despite the advanced infrastructure, the site currently suffers from an invalid SSL certificate, which undermines its security posture. Security headers are partially implemented, but improvements are needed to fully secure user interactions and data. Privacy and cookie policies are well-presented and GDPR compliant, reflecting BMW's commitment to data protection. Overall, the site demonstrates high professionalism and trustworthiness, with strong brand consistency and extensive content relevant to its audience.