Security Directory

P

PricewaterhouseCoopers

pwc.at

38

PricewaterhouseCoopers Austria (PwC.at) is a leading professional services firm offering audit, tax, consulting, and advisory services. The website presents a comprehensive and professional digital presence targeting businesses and professionals in Austria, emphasizing expertise in finance, sustainability, cybersecurity, and technology consulting. The site uses modern web technologies including Adobe Experience Manager, AngularJS, and Akamai CDN, ensuring a good user experience and mobile optimization. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts the security posture. The site includes comprehensive privacy and cookie policies with GDPR-compliant consent mechanisms, but lacks explicit security policies or incident response information. Overall, the domain registration is consistent with the business claims, indicating legitimacy and trustworthiness.

U

UNIQA Group

uniqagroup.com

40

UNIQA Group is a large Austrian insurance and financial services provider with a strong market presence and a public listing since 1990. The website targets investors, customers, suppliers, and job seekers, offering comprehensive information on insurance products, investor relations, sustainability initiatives, and career opportunities. The content is professionally presented with consistent branding and good quality. Technically, the website uses Apache server technology and integrates modern marketing and analytics tools such as Adobe DTM, Google Tag Manager, and Dynatrace. However, it lacks SSL/TLS encryption, which is a critical security gap. Security headers are well implemented, but the absence of HTTPS significantly reduces the security posture. Privacy and cookie policies are comprehensive and GDPR compliant, supporting good privacy practices. Overall, the website is trustworthy and professional but requires urgent security improvements to enable HTTPS and strengthen SSL/TLS configurations.

Wildniszone.at is a small Austrian business focused on consulting, education, and adventure-based team development and coaching services primarily targeting organizations and individuals in the Baden bei Wien region. The website content is minimal and outdated, relying on framesets and lacking modern web design and mobile optimization. Technically, the site is hosted on Apache with PleskLin and uses easyname.eu as the hosting provider. However, the absence of HTTPS and modern security headers significantly weakens its security posture. No privacy or cookie policies are present, and no contact or incident response information is provided, which impacts trust and compliance negatively. Overall, the website presents a low level of digital maturity and security readiness.

P

panagenda

panagenda.com

40

panagenda is a technology company specializing in analysis and optimization of IT collaboration landscapes, focusing on Microsoft 365 and HCL Notes/Domino environments. Their offerings include software products like OfficeExpert TrueDEM and MarvelClient, alongside consulting and diagnostic services aimed at improving digital experience and reducing operational costs. The company targets IT professionals and enterprises seeking enhanced collaboration and user experience monitoring solutions. Technically, the website is built on WordPress with a modern tech stack including PHP 8, Apache, and various analytics and marketing tools. SEO and content quality are good, with structured data and comprehensive resource hubs. However, the security posture is weak due to the absence of a valid SSL certificate and disabled TLS protocols, which critically undermines secure communications. Privacy compliance is well addressed with GDPR-aligned policies and consent mechanisms. Overall, the site is professional and trustworthy but requires urgent security improvements to protect user data and maintain credibility.

Grammatix is a small-scale cultural and artistic photography website based in Germany, focusing on exhibitions, projects, and published books related to regions such as Nepal, Tibet, and Kashmir. The site is built on WordPress and uses common plugins like Yoast SEO and Flash Album Gallery to manage content and galleries. While the website offers good content quality and navigation, it lacks modern security measures such as HTTPS, exposing visitors to potential risks. Privacy compliance is minimal, with no visible privacy or cookie policies, and contact information is limited to a contact form without explicit emails or phone numbers. The domain registration is consistent and transparent, but the absence of domain protection locks is a minor security concern. Overall, the site is functional but requires significant improvements in security and privacy to meet modern standards.

C

Consulting und Unternehmensberatung in Österreich - SHS

shs.at

20

SHS is a well-established consulting firm based in Austria, specializing in process consulting, change management, and organizational excellence. With over 28 years of experience, SHS serves leading companies domestically and internationally and holds a strong market position supported by multiple industry awards and recognitions. The website reflects a professional business model focused on delivering tailored consulting services to demanding clients. Technically, the website is built on WordPress with modern SEO and cookie consent tools, but lacks HTTPS encryption, which is a significant security concern. The absence of SSL/TLS undermines the security posture despite the presence of privacy policies and consent mechanisms. Overall, the site is content-rich and professionally presented but requires urgent security improvements to protect user data and enhance trust.

R

Roland Spedition GmbH

rolsped.com

37

Roland Spedition GmbH is a well-established Austrian logistics company specializing in combined rail and intermodal transport services. With over 26 years of domain presence, the company positions itself as a leader in hinterland traffic within Austria, offering a comprehensive range of services including operating, trucking, intermodal solutions, and additional services such as customs clearance and hazardous goods transport. The website content is professionally presented in German, targeting businesses requiring efficient and climate-friendly freight transport solutions. Technically, the site is built on WordPress with common industry-standard libraries and plugins, but suffers from a lack of proper SSL/TLS configuration, which significantly impacts its security posture. The company maintains clear contact information and implements cookie consent mechanisms, reflecting basic GDPR compliance. However, no explicit security or incident response policies are published, and no vulnerability disclosure or security.txt files are found.

B

Bohmann Druck und Verlag GmbH

bohmann.at

21

Bohmann Druck und Verlag GmbH is a well-established Austrian media company with an 80-year history, specializing in official and municipal publications such as the Amtsblatt der Stadt Wien and the Österreichische Gemeinde Zeitung. The company targets municipal decision makers and businesses, positioning itself as one of Austria's largest private communication firms. Their business model centers on publishing and communication services with a medium-sized operational scale. Technically, the website is built on an Apache server, likely using TYPO3 CMS with Bootstrap and jQuery for frontend components. Hosting is provided by A1 Telekom Austria. The site includes Google Fonts and uses Matomo and Google Analytics for visitor tracking, with a cookie consent mechanism in place. However, performance metrics are unavailable, and mobile optimization is basic. From a security perspective, the website lacks HTTPS, which is a critical vulnerability. No SSL certificate is installed, and no modern security headers are present. While no known SSL vulnerabilities or exposed sensitive data were detected, the absence of HTTPS severely impacts the security posture. Privacy and cookie policies exist and appear GDPR compliant, but no incident response or security policies are publicly disclosed. Overall, the website is functional with good content relevance and moderate trustworthiness but requires urgent security improvements, especially the implementation of HTTPS and enhanced security headers, to protect user data and improve compliance.

A

Agentur XY GmbH

xy.de

21

Agentur XY GmbH is a creative agency and production house based in Berlin, Germany, founded in 2018. The company specializes in delivering bold advertising campaigns and production services for global brands, including notable clients such as Netflix, Stepstone, and Playmobil. The website reflects a professional and consistent brand image with rich multimedia content and active social media presence. Technically, the site is built on WordPress with modern libraries and SEO optimizations, but lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security concern. Security headers are partially implemented, but the absence of TLS protocols and domain security features like DNSSEC and DMARC reduce the overall security posture. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism or detailed GDPR compliance indicators. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

A

AFFiRiS AG

affiris.com

27

AFFiRiS AG is a clinical-stage biopharmaceutical company based in Austria, specializing in the development of novel immunotherapies for chronic diseases such as neurodegenerative disorders and hypercholesterolemia. The company leverages its proprietary AFFITOME® technology to create Specific Active ImmunoTherapies (SAIT) aimed at improving patient outcomes beyond current treatment options. The website presents a professional and well-structured digital presence targeting patients, investors, and healthcare professionals, with clear business and contact information. However, the absence of a valid SSL certificate and HTTPS implementation represents a significant security risk that undermines user trust and data protection. The site uses WordPress CMS with common plugins and libraries, but performance metrics indicate slow loading times, suggesting room for technical optimization. Privacy compliance is addressed through a cookie consent banner and a privacy policy, though terms of service and explicit security policies are not evident. Overall, AFFiRiS demonstrates a credible business profile with a need to urgently improve its security posture to protect visitors and comply with best practices.

B

biocrates life sciences ag

biocrates.com

40

biocrates life sciences ag is a well-established company specializing in quantitative metabolomics kits and services, serving a global scientific and research audience. Their offerings include metabolomics phenotyping, data analysis, pathway analysis, and multiomics data services, supported by a strong community and certified laboratories. The website is professionally designed with comprehensive content and clear navigation, targeting researchers and institutions in healthcare and biotechnology sectors. Technically, the site runs on WordPress with the Divi theme and integrates modern analytics and cookie consent tools, but lacks a valid SSL certificate, which is a critical security gap. Security headers are partially implemented, but the absence of HTTPS and modern TLS protocols significantly lowers the security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the business credibility is high, supported by consistent WHOIS data and trust indicators such as testimonials and certifications. Strategic improvements in SSL deployment and security hardening are recommended to enhance trust and compliance.

E

Ethical Workforce

ethicalworkforce.co.uk

33

Ethical Workforce is a specialist hospitality recruitment agency based in London, offering permanent and temporary staffing solutions with an international reach. The company targets both employers seeking hospitality staff and jobseekers looking for roles in the hospitality sector. Their website presents a professional image with clear service offerings and client testimonials from notable hospitality figures, positioning them as a trusted niche player in the recruitment market. Technically, the website is built on WordPress using PHP 7.4 and Apache, with common plugins such as Yoast SEO and WPBakery Page Builder. Google Tag Manager is used for analytics and marketing tracking. The site is mobile optimized and SEO friendly, but lacks performance metrics data. The hosting provider is not explicitly identified but uses hdodns.com nameservers. From a security perspective, the site has critical weaknesses: it does not have an SSL/TLS certificate installed, serving content over HTTP only, which severely impacts user trust and data security. No modern TLS protocols or security headers are present. Cookie consent is implemented, but no privacy policy or terms of service pages were found, indicating compliance gaps. Contact information is clearly provided, enhancing business credibility. Overall, the website is functional and professional but requires urgent security improvements, especially implementing HTTPS and enhancing privacy compliance. Strategic recommendations include obtaining a valid SSL certificate, adding comprehensive privacy and terms pages, and improving security headers to protect users and build trust.

O

Ojo de Pez

ojodepez.com.py

22

Ojo de Pez is a Paraguayan advertising agency specializing in creative, digital, and media services, with a 20-year history in the industry. The company targets businesses seeking to strengthen their brand identity and communication strategies. The website reflects a professional and consistent brand image with good content quality and user experience. However, the technical infrastructure shows significant gaps, notably the absence of HTTPS and a valid SSL certificate, which critically undermines security and user trust. The site uses common marketing and analytics tools such as Google Analytics, Facebook Pixel, and LinkedIn Insight Tag, but lacks visible cookie consent mechanisms and privacy policies, raising compliance concerns. Overall, the business appears legitimate and established, but the digital security posture requires urgent improvement.

Z

ZETA

zeta.com

39

ZETA is a large, established engineering and consulting company specializing in the pharmaceutical and biotech industries. They provide comprehensive services including process engineering, automation, food engineering, lifecycle management, and digitalization solutions. The company operates globally with multiple locations and a strong market presence in Austria and beyond. Their website reflects a professional and content-rich digital presence targeting industry clients seeking advanced technological solutions. Technically, the website is built on the Contao CMS platform, served by Apache, and uses common web technologies such as jQuery and Google Tag Manager. While the site is well-structured and optimized for mobile devices, performance metrics indicate slow loading times, and accessibility features are basic. SEO practices are good with proper meta tags and Open Graph data. From a security perspective, the site lacks a valid SSL certificate and does not support modern TLS protocols, which is a critical vulnerability. Security headers are partially implemented, but important features like HSTS, OCSP stapling, and session resumption are missing. The extensive use of tracking and marketing tools is managed with a clear cookie consent mechanism, indicating good privacy compliance. Overall, the website presents a trustworthy and professional business front but requires urgent improvements in SSL/TLS security to protect user data and enhance trust. The domain registration data aligns well with the business claims, supporting legitimacy. Strategic recommendations include immediate SSL certificate installation, enabling modern security protocols, and enhancing security headers to meet industry best practices.

T

TD SYNNEX Corporation

techdata.com

40

TD SYNNEX Corporation operates as a leading global technology distributor and solutions aggregator, serving a broad ecosystem of technology partners, vendors, and customers. The company offers a wide range of services including technology solutions, business services, digital platforms, and technology education, positioning itself as a central player in the IT distribution market. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to its enterprise audience. Technically, the site is built on WordPress with Visual Composer and uses modern web technologies; however, performance is moderate and accessibility features are basic. Security posture is currently weak due to the absence of a valid SSL certificate and disabled TLS protocols, exposing the site to potential risks. Privacy and cookie policies are well implemented, indicating good compliance with GDPR and related regulations. Overall, the site demonstrates high business credibility but requires urgent security improvements to protect user data and maintain trust.

B

BrandSourcery GmbH

adpl-solutions.at

23

BrandSourcery GmbH is a Vienna-based production agency specializing in below-the-line marketing materials and services. Their offerings include visual merchandising, promotional items, marketing logistics, print management, and digital solutions, targeting businesses seeking comprehensive marketing support. The website is built on WordPress with a range of plugins supporting multilingual content, marketing, and GDPR compliance. However, the absence of a valid SSL certificate and HTTPS implementation represents a significant security risk. While privacy and cookie policies are comprehensive and GDPR compliant, the lack of HTTPS undermines user trust and data security. The site is accessible without WAF or security challenges, but performance data suggests potential slowness. Contact information is complete and professional, supporting business credibility.

The domain hallocards.co.uk currently hosts no active website content and instead displays a default 'Site Not Found' placeholder page provided by DreamHost. There is no visible business information, contact details, or any form of user engagement mechanisms. The domain is registered and uses DreamHost nameservers with Google MX for email, indicating basic domain setup but no active business presence. Technically, the site is served over HTTP without SSL/TLS encryption, which is a critical security deficiency. No modern web technologies, analytics, or security headers are implemented, reflecting a minimal digital maturity level. The absence of privacy, cookie, or terms of service policies further indicates a lack of compliance with data protection regulations. Overall, the security posture is weak due to missing HTTPS and lack of security best practices. The domain registration appears legitimate but the lack of content and security measures poses a high risk for trust and credibility. Strategic recommendations include installing a valid SSL certificate, publishing actual website content, implementing security headers, enabling DNSSEC and CAA, and establishing privacy and cookie policies to improve compliance and user trust.

S

Spanische Hofreitschule & Lipizzanergestüt Piber

srs.at

38

The website for Spanische Hofreitschule & Lipizzanergestüt Piber represents a well-established cultural institution in Austria focused on classical horse riding performances and heritage preservation. It offers rich content about its services, events, and visitor information, targeting tourists and cultural enthusiasts. The site uses modern CMS technology (Craft CMS) and integrates privacy-compliant analytics and cookie consent mechanisms. However, the lack of a valid SSL certificate and HTTPS severely impacts its security posture. While security headers are partially implemented, the absence of encryption exposes users to risks. The business information is clear and consistent with WHOIS data, supporting legitimacy. Overall, the site is professionally designed and user-friendly but requires urgent security improvements to protect visitors and enhance trust.

P

Polymer Competence Center Leoben GmbH

pccl.at

38

The Polymer Competence Center Leoben GmbH (PCCL) is a leading Austrian research institution specializing in polymer technology and polymer sciences. It collaborates closely with industry partners and academic institutions to deliver innovative R&D projects across sectors such as automotive, aerospace, packaging, and renewable energy. The website reflects a mature organization with a clear focus on cooperative research and sustainable polymer solutions. Technically, the site is built on Joomla CMS with a variety of extensions and frameworks, but suffers from critical security shortcomings, notably the absence of a valid SSL certificate and HTTPS support. This significantly impacts the security posture and user trust. Privacy and compliance documentation is well maintained, including GDPR-compliant privacy policies and incident reporting mechanisms. Overall, the site is professional and content-rich but requires urgent improvements in security infrastructure to align with best practices and user expectations.

S

Sanitär-Heinze GmbH & Co. KG

sanitaer-heinze.com

29

Sanitär-Heinze GmbH & Co. KG operates as a specialized wholesale and service provider in the sanitary, heating, ventilation, and renewable energy sectors primarily serving professional customers in Germany. The company offers a broad portfolio including bathroom products, heating systems, ventilation solutions, and 3D bathroom planning services. Their market position is that of an established regional player with a consistent brand presence and multiple product lines. Technically, the website is built on the Pimcore CMS platform, leveraging modern JavaScript libraries and Google analytics tools, with a professional design and good navigation. However, the absence of a valid SSL certificate and HTTPS support is a critical security flaw that significantly impacts the security posture. Cookie consent is implemented properly, and privacy policies are comprehensive and GDPR compliant. Overall, the website demonstrates moderate digital maturity but requires urgent security improvements to protect user data and enhance trust.

F

FRIEDEN Informatik GmbH

steinringer.com

40

FRIEDEN Informatik GmbH is a specialized IT and software company serving the Austrian residential construction sector, offering consulting, custom software solutions, and IT support. The company is a subsidiary of the Wohnbaugenossenschaft FRIEDEN, leveraging over 25 years of industry experience to provide tailored IT services to housing cooperatives, property managers, and real estate developers. The website content is professionally presented, targeting a German-speaking audience primarily in Austria. Technically, the site is built on WordPress with modern frameworks like Bootstrap and uses advanced cookie consent management to comply with GDPR. However, the SSL/TLS configuration is currently invalid, which poses a significant security risk and undermines trust. Security headers are partially implemented, but critical protections like a valid HTTPS certificate and XSS protection are missing. The domain steinringer.com shows inconsistent DNS and SSL data, suggesting it may not be the primary domain for the website content, which is hosted on frieden-informatik.at. Overall, the business demonstrates strong market positioning and privacy compliance but requires urgent improvements in SSL security and domain configuration to enhance trust and security posture.

F

FWT Composites & Rolls GmbH

fwt.at

20

FWT Composites & Rolls GmbH is a medium-sized Austrian manufacturing company specializing in composite rollers, tubes, drive shafts, and related services primarily for industrial sectors such as paper, film, and non-woven industries. Founded in 1996, the company has established itself as a leading manufacturer with a strong focus on product quality, customer service, and technical expertise. Their website reflects a professional business presence with detailed product and service descriptions, multilingual support, and active social media engagement via Facebook. Technically, the website is built on WordPress with common plugins and includes structured data for SEO benefits. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a significant security concern. Privacy compliance is addressed through a cookie consent mechanism and a comprehensive privacy policy. Overall, the company demonstrates a solid market position but should urgently address its security posture to protect user data and improve trust.

B

BECOM Electronics GmbH

becom.at

40

BECOM Electronics GmbH is a medium-sized Austrian company specializing in electronic manufacturing services (EMS) and embedded solutions, serving industries such as automotive, medical technology, and industrial electronics. The company operates internationally with subsidiaries in Germany, Hungary, China, and the USA, positioning itself as a reliable partner for end-to-end electronic product development and production. Their website reflects a professional and comprehensive digital presence with detailed service offerings and strong branding consistency. Technically, the website is built on TYPO3 CMS and hosted likely via Kabelplus infrastructure. It features modern web design, good mobile optimization, and accessibility. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap, despite the presence of some security headers and HSTS configuration. The site uses Google Analytics for user tracking and implements a cookie consent mechanism aligned with GDPR requirements. From a security perspective, the lack of HTTPS and TLS support significantly lowers the security posture, exposing users to potential risks. The DNS configuration is mostly sound but lacks DMARC and DNSSEC, which are recommended for enhanced email and DNS security. No explicit security or incident response policies are published, which could be improved to enhance trust and compliance. Overall, while the business and website demonstrate professionalism and strong market positioning, addressing the critical security issues and enhancing compliance documentation would improve trustworthiness and reduce risk exposure.

Ö

ÖSTU-STETTIN Hoch- und Tiefbau GmbH

oestu-stettin.at

39

ÖSTU-STETTIN Hoch- und Tiefbau GmbH is a large Austrian construction company specializing in underground and high-rise construction projects worldwide. As part of the HABAU GROUP, it offers a comprehensive range of services including mining, garage construction, general contracting, industrial construction, and tunnel building. The website is professionally designed, multilingual (German and English), and provides detailed service information targeting clients in the construction and infrastructure sectors globally. Technically, the site is built on WordPress with a mature plugin ecosystem and hosted on Azure DNS infrastructure. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, exposing users to potential risks. Privacy compliance is well addressed with a GDPR-compliant cookie consent mechanism and a comprehensive privacy policy. No explicit security or incident response policies are published, and no direct contact emails or phone numbers are visible, though social media channels and contact forms are available. Overall, the site demonstrates good business credibility and content quality but requires urgent security improvements to protect visitors and enhance trust.

D

Das Österreichische Patentamt

patentamt.at

40

Das Österreichische Patentamt is the central government authority in Austria responsible for intellectual property rights including patents, trademarks, and designs. The website serves as an information and service hub offering online filing, advisory services, and educational programs such as the IP Academy. The organization holds ISO 9001 and ISO 27001 certifications, reinforcing its commitment to quality and information security. The site targets a broad audience including inventors, businesses, startups, legal professionals, and students. Technically, the website is built on TYPO3 CMS with modern frontend libraries and frameworks, providing a professional and accessible user experience. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap that undermines user trust and data protection. Security headers are well implemented but cannot compensate for the lack of encryption. Privacy compliance is strong with comprehensive cookie consent mechanisms and GDPR-aligned policies. Overall, the site is authoritative and trustworthy but requires urgent improvements in SSL/TLS deployment to enhance security posture.

T

Tourismusschulen Bad Gleichenberg

tourismusschule.com

27

Tourismusschulen Bad Gleichenberg is a well-established private educational institution in Austria specializing in tourism and hospitality education. With a history dating back to 1946, it offers a variety of programs including practical internships and international exposure, positioning itself as a leading school in its sector. The website reflects a professional and consistent brand image targeting students interested in tourism careers. Technically, the site is built on WordPress with common plugins and scripts but suffers from a critical lack of valid SSL/TLS certificates, exposing it to security risks. Privacy compliance is addressed with cookie consent and a privacy policy, though some security policies are absent. Overall, the site is content-rich and credible but requires urgent security improvements to protect user data and enhance trust.

G

GARTNER KG

gartnerkg.com

28

GARTNER KG is a large, family-owned Austrian logistics and transport company established in 1918, operating across 23 locations in 9 countries. The company specializes in road transport, intermodal transport, and warehousing services, positioning itself as one of Austria's largest family-owned transport providers and a leading logistics service provider in Europe. The website is professionally designed using TYPO3 CMS, with multilingual support and clear navigation targeting logistics customers and job seekers. Technically, the site uses Apache hosting with DNS managed by a1.net and integrates Cookiebot for GDPR-compliant cookie consent and Google Tag Manager for analytics. However, a critical security gap exists as the site lacks a valid SSL certificate and HTTPS support, exposing users to potential risks. Privacy policies and contact information are comprehensive and accessible, but no explicit security or incident response policies are published. Overall, the site demonstrates good business credibility and privacy compliance but requires urgent security improvements.

B

BG8 Piaristengymnasium

bg8.at

35

BG8 Piaristengymnasium is an educational institution in Austria offering a traditional gymnasium education with a focus on individual student support, social competencies, and language skills. The website serves as an information portal for students, parents, and staff, providing news, school profiles, and contact options. Technically, the site is built on WordPress with a modern theme and plugins, but suffers from an invalid SSL certificate and lack of HTTPS, which significantly impacts its security posture. The site lacks advanced security headers and cookie consent mechanisms, which are important for GDPR compliance. Overall, the website is functional and professionally designed but requires urgent security improvements to protect user data and enhance trust.

The website emqff.org presents a minimal and non-informative front with no visible business content, contact information, or policies. The domain is mature, registered since 2008, and hosted on an Apache server without HTTPS, indicating a lack of basic security measures. The site appears to primarily serve tracking or redirect functions rather than providing legitimate business services or information. Technically, the site lacks modern web standards, performance optimization, and accessibility features. Security posture is weak due to absence of SSL/TLS, security headers, and privacy compliance mechanisms. Overall, the site poses a low trust profile and potential risk for users due to lack of transparency and security.

C

Cubro Network Visibility

cubro.com

24

Cubro Network Visibility is a mature technology company specializing in network visibility solutions including hardware and software products such as Network TAPs, Packet Brokers, and Probes. With over 19 years of domain presence and a strong market position, Cubro serves service providers, enterprises, data centers, and government organizations globally. The website is professionally designed, content-rich, and well-structured, targeting technical and business audiences interested in network performance and security monitoring. Technically, the site is built on WordPress with modern plugins and frameworks, though performance is moderate and mobile optimization is good. Security posture is a concern due to the absence of a valid SSL certificate and HTTPS, lack of modern TLS protocols, and missing HSTS, which significantly lowers the security score. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. Business credibility is supported by certifications like ISO 27001:2022, detailed contact information, and partnerships with major industry players. Overall, the site is trustworthy and professional but requires urgent improvements in SSL/TLS security to protect user data and enhance trust.

Selbst-Bestimmt.net is a small German-based organization specializing in personal development seminars and workshops, including Heldenreise®, Family Circles, and Gestalt therapy. The website presents a clear business model focused on organizing and delivering these seminars, targeting individuals interested in self-development. Technically, the site runs on WordPress with common plugins such as Yoast SEO and Contact Form 7, hosted on a provider associated with kasserver.com. However, the site lacks HTTPS support, which is a critical security deficiency. Security posture is weak due to the absence of SSL/TLS encryption and missing security headers. Privacy compliance is also lacking, with no visible privacy or cookie policies. Overall, the website is functional and content-rich but requires urgent improvements in security and compliance to protect users and build trust.

E

Europapier Austria GmbH

europapier.at

40

Europapier Austria GmbH is a traditional wholesale and distribution company specializing in graphic papers, packaging, design papers, office papers, hygiene products, and advertising technology. The company operates primarily in Austria and serves business customers with a broad product portfolio and multiple locations. The website is professionally designed, content-rich, and provides comprehensive contact options including email, phone, and contact forms. Technically, the site uses modern technologies such as Pimcore CMS, Apache server, and Google Tag Manager for analytics. However, the security posture is weak due to the absence of a valid SSL certificate and HTTPS support, which is a critical issue. Privacy and cookie policies are present and GDPR compliant, reflecting good privacy compliance. Overall, the site is trustworthy and professional but requires urgent security improvements.

A

AUSTROPLAN Austrian Engineering GmbH

austroplan.at

21

AUSTROPLAN Austrian Engineering GmbH is a small, specialized consulting and engineering company focused on industries such as cement, medical engineering, pharmaceuticals, iron & steel, waste processing, and LPG cylinder manufacturing. The company offers a range of services including business development, consulting, contracting, inspection, and spare parts procurement. The website reflects a niche industrial service provider with international project references but lacks modern digital maturity. Technically, the website is built on an outdated Joomla! 1.5 CMS platform and includes deprecated Flash content, which negatively impacts user experience and security. Performance is slow, and mobile optimization is poor. Security posture is weak due to the absence of HTTPS and a valid SSL certificate, lack of modern TLS protocols, and missing security headers. No privacy or cookie policies are present, indicating poor privacy compliance. Overall, the website is accessible but requires significant modernization and security improvements to meet current standards and enhance trustworthiness.

klar. Strategie- und Kommunikationsberatung GmbH is a specialized Austrian consultancy focused on strategy and communications, offering services such as strategy development, positioning, reputation management, and public relations. The company targets organizations and public sector clients seeking credible and clear communication solutions. The website is professionally designed, content-rich, and well-structured, reflecting a mature digital presence. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security shortfall that undermines user trust and data protection. Privacy and cookie policies are comprehensive and GDPR compliant, with clear consent mechanisms in place. Contact information is complete and transparent, supporting business credibility. Overall, the company demonstrates strong market positioning and trust indicators but must urgently address security infrastructure gaps to align with best practices.

S

Strelle Records

strelle.at

35

Strelle Records is a small Austrian media and event technology service provider specializing in audio, video, lighting, installations, and event planning since 2011. The company targets event organizers, artists, and media producers primarily in the Kärnten region. The website is built on WordPress with a modern theme and integrates Google Analytics and Jetpack for analytics and performance tracking. However, the site lacks HTTPS, which is a critical security deficiency. The cookie consent mechanism is implemented, but no privacy policy or terms of service pages are present, indicating partial GDPR compliance. Contact information is clearly provided, and social media presence is strong, enhancing business credibility. Overall, the technical infrastructure is moderate but requires urgent security improvements.

Europapier International AG is a large, well-established paper merchant headquartered in Vienna, Austria, with a strong presence across Central and Eastern Europe. The company offers a broad portfolio of paper and paper-related products, supported by extensive warehousing and distribution infrastructure. As part of the Heinzel Group since 2010, Europapier serves a diverse B2B customer base including commercial printers and specialty market businesses. The website reflects a mature digital presence with comprehensive business and product information, professional design, and good user experience. However, the absence of HTTPS and SSL/TLS encryption represents a significant security risk, undermining user trust and data protection. The site employs modern technologies such as Pimcore CMS and Google Tag Manager for analytics, but performance data suggests potential loading delays. Legal and privacy compliance is well addressed with clear policies and cookie consent mechanisms. Overall, Europapier demonstrates strong business credibility but requires urgent security improvements to align with best practices.

B

Bacher Systems EDV GmbH

bacher.at

40

Bacher Systems EDV GmbH is a medium-sized Austrian IT services company specializing in managed services, cybersecurity, data analytics, and digital identity solutions. The company targets large enterprises, including numerous Top 100 companies in Austria, positioning itself as a trusted partner for IT infrastructure and security needs. The website reflects a professional and comprehensive digital presence with clear service offerings and client references. Technically, the site is built on Silverstripe CMS and integrates modern marketing and analytics tools, but suffers from critical SSL/TLS configuration issues that undermine its security posture. Security headers and privacy compliance are well implemented, including GDPR-aligned privacy and cookie policies with consent mechanisms. WHOIS data confirms the legitimacy and consistency of the domain registration with the company's Austrian base. Overall, the website is professional and trustworthy but requires urgent improvements in SSL/TLS to ensure secure communications.

Y

Yokogawa Electric Corporation

yokogawa.com

35

Yokogawa Electric Corporation is a century-old global enterprise specializing in measurement, control, and information technologies for industrial sectors such as energy and manufacturing. The company maintains a comprehensive and professionally designed website that serves a global audience with extensive product, solution, and corporate information. Technically, the site employs modern web technologies including AngularJS and integrates analytics and monitoring tools like Google Tag Manager and New Relic. However, the absence of a valid SSL certificate and HTTPS support significantly weakens its security posture, exposing users to potential risks. Privacy policies and cookie consent mechanisms are well implemented, reflecting good compliance with GDPR standards. Overall, the website demonstrates high business credibility and content quality but requires urgent security improvements to align with best practices.

The website elited.us is currently suspended and inaccessible, displaying only a hosting provider's suspension notice. No actual business content, metadata, or contact information is available, preventing meaningful analysis of the company's operations or market position. The technical infrastructure is minimal, hosted on Bluehost with Apache server, but lacks a valid SSL/TLS certificate, resulting in no HTTPS support and poor security posture. The absence of privacy policies, cookie consent mechanisms, and security best practices further indicates a lack of compliance and maturity. Overall, the site is non-functional and presents significant risks from a security and trust perspective.

I

INFINA

infina.at

30

INFINA is a leading independent credit brokerage firm in Austria specializing in residential construction financing. The company offers comprehensive credit comparison services from over 120 banks, personal consultation, and a wide range of financial tools to assist customers in securing optimal mortgage financing. Their extensive network of over 100 local partners ensures personalized service throughout Austria. The website reflects a mature and professional business with excellent content quality and user experience, targeting individuals and families seeking home financing solutions. Technically, the site is built on TYPO3 CMS with modern web technologies and includes interactive calculators and consent management tools. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts the site's security posture. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the business demonstrates strong credibility and market position but must urgently address its SSL/TLS configuration to improve security and trust.

N

Nuance Communications

nuance.com

40

Nuance Communications is a mature enterprise technology company specializing in AI-powered healthcare and productivity solutions. Recently acquired by Microsoft, it leverages industry-leading AI, security, and infrastructure to transform workflows and boost productivity for healthcare professionals and enterprises. The website reflects a professional and consistent brand presence with clear business messaging and a strong market position in the technology and healthcare sectors. Technically, the site uses a modern tech stack including Apache, Adobe Experience Manager CMS, and integrates analytics and marketing tools such as Google Analytics, Google Tag Manager, and Adobe Helix RUM. However, a critical security gap exists due to the absence of SSL/TLS encryption, exposing the site to significant risks. Security headers are well implemented, but without HTTPS, their effectiveness is limited. Privacy and legal policies are comprehensive and GDPR compliant, with consent mechanisms in place. Overall, the site demonstrates good digital maturity but requires urgent remediation of its SSL/TLS configuration to ensure secure user interactions and maintain trust.

CERATIZIT S.A. is a leading high-technology engineering group specializing in cutting tools and hard material solutions, serving industrial and manufacturing sectors globally. The company is part of the Plansee Group and maintains a strong market position supported by innovation, patents, and sustainability certifications such as the EcoVadis Gold Rating. The website reflects a professional and well-branded digital presence with comprehensive content and multilingual support. Technically, the site uses modern frameworks including Next.js and Adobe Experience Manager, supported by Akamai CDN for content delivery. However, the security posture is currently weak due to the absence of a valid SSL certificate and HTTPS support, exposing the site to potential risks. Privacy and legal compliance are well addressed with clear policies and consent mechanisms. Overall, CERATIZIT demonstrates strong business credibility and digital maturity but requires urgent improvements in SSL/TLS security to protect users and enhance trust.

Gerald Binder's website is a personal blog primarily targeting German-speaking audiences interested in diverse topics such as chili recipes, media theory, travel, and quotes. The site operates on a WordPress platform with a modest but consistent content update history, positioning itself as a niche media outlet rather than a commercial enterprise. Technically, the site uses an Apache server with WordPress 5.0.22 and integrates social media plugins for Facebook and Twitter. However, the absence of HTTPS and modern security configurations significantly undermines the site's security posture. Privacy compliance is minimal, with a basic privacy policy page but no cookie consent mechanisms or GDPR compliance indicators. Overall, the site is functional but lacks critical security and privacy features, which poses risks to user trust and data protection.

O

Octapharma Handelsges.m.b.H.

octapharma.at

40

Octapharma Handelsges.m.b.H. is a large, family-owned healthcare company based in Austria, specializing in plasma-derived medicines and therapies for rare diseases such as hemophilia, immunology, and intensive care. The company operates globally with a strong market position and offers patient support, career opportunities, and healthcare services. The website is built on modern technologies including Next.js and React, hosted on AWS infrastructure, and managed via the Storyblok CMS. It features comprehensive privacy and cookie policies with a consent mechanism powered by Usercentrics. However, the website currently lacks a valid SSL certificate and does not support HTTPS, which is a critical security concern. Security headers are partially implemented but the absence of TLS protocols and HSTS reduces the overall security posture. Contact information is primarily available via contact forms, with no explicit phone numbers or emails prominently displayed except for a support email related to internal server error reporting. Social media presence is active on LinkedIn, YouTube, and Kununu. Overall, the website is professional, content-rich, and user-friendly but requires urgent improvements in SSL/TLS configuration to ensure secure user interactions.

C

Cargill, Incorporated

delacon.com

23

Delacon.com is the online presence of Delacon, a global leader in phytogenic solutions for animal nutrition, operating under the parent company Cargill, Incorporated. The website offers comprehensive information about their products, research, and career opportunities, targeting professionals in the animal nutrition and agriculture sectors. The site is built on TYPO3 CMS and hosted on AWS infrastructure, featuring a professional design and good content quality. However, the absence of a valid SSL certificate and HTTPS significantly impacts the security posture. While security headers are partially implemented, critical improvements are needed to secure data transmission and user privacy. The site lacks explicit cookie consent mechanisms despite using Google Analytics and other tracking tools, indicating partial privacy compliance. Overall, the domain registration and WHOIS data align well with the business claims, supporting legitimacy and trustworthiness.

T

The Training Box

thetrainingbox.eu.com

20

The Training Box is a UK-based small business specializing in communication skills training and coaching services. Their website presents a professional and well-structured platform focused on delivering personalized communication improvement programs for individuals and organizations. The business operates primarily in the education sector with a niche market position. Technically, the site is built on WordPress using the Divi theme and Contact Form 7 plugin, hosted by UKFast. However, the website lacks a valid SSL certificate, resulting in insecure HTTP access, which significantly impacts its security posture. No privacy or cookie policies are present, indicating compliance gaps with GDPR and related regulations. Contact information is clearly provided, including a company email and phone number, alongside a Facebook social media presence. Overall, the site offers good content quality and user experience but requires urgent security and privacy improvements.

M

MedAustron

medaustron.at

26

MedAustron is a specialized healthcare and research center based in Austria, focusing on advanced ion therapy for cancer treatment using proton and carbon ion technologies. The organization serves patients, medical professionals, and students, positioning itself as one of the few global providers of this innovative therapy. The website is professionally designed, multilingual, and provides comprehensive information about services, patient care, and research activities. Technically, the site runs on WordPress with common plugins and demonstrates good SEO and user experience, though performance metrics are unavailable. Security posture is weak due to the absence of HTTPS, no valid SSL certificate, and missing advanced security headers, which poses a critical risk. Privacy compliance is strong with a clear privacy policy and cookie consent mechanism. Contact information is transparent and complete, enhancing business credibility. Overall, the site is trustworthy but requires urgent security improvements to protect user data and improve trust.

W

Walter Bösch GmbH & Co. KG

boesch.at

39

Walter Bösch GmbH & Co. KG operates a comprehensive website focused on heating, cooling, ventilation, and building automation solutions, primarily serving the Austrian market. The company positions itself as a leading provider with extensive 24/7 customer service and a broad portfolio of products and services. The website is well-structured, professionally designed, and provides rich content including customer references and detailed product information. Technically, the site uses modern technologies such as Pimcore CMS, Bootstrap framework, and service workers for enhanced user experience. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts the site's security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site demonstrates strong business credibility and digital maturity but requires urgent security improvements to protect user data and enhance trust.

I

ICSL GmbH

icsl.at

35

ICSL GmbH is a specialized provider of secure communication systems, focusing on high-quality, NATO-approved solutions such as Silentel and SecuSUITE. With over 20 years of experience and 13 years dedicated to secure communication, ICSL positions itself as a trusted partner for government and enterprise clients requiring robust security. The website reflects a professional and consistent brand image, targeting a niche market with a clear business model centered on consulting and secure communication services. Technically, the site is built on WordPress with a modern plugin ecosystem, but suffers from critical security shortcomings due to an invalid SSL certificate and lack of HTTPS, which significantly impacts its security posture. Privacy and legal compliance are well addressed with accessible policies and cookie consent mechanisms. Overall, ICSL demonstrates strong business credibility but must urgently address its SSL/TLS configuration to enhance trust and security.

Ocean Maps GmbH is a specialized engineering company focused on surveying, visualization, and application solutions primarily for the energy and construction sectors. Their services include underwater surveying using advanced sonar systems, UAV and laser scanning for aerial data collection, and custom software development for digital twins and GIS data visualization. The company positions itself as a leader in precise data acquisition and intuitive data presentation, targeting industry professionals requiring accurate and actionable spatial data. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to their target audience. Technically, the website is built on WordPress with a modern plugin ecosystem including Colibri Page Builder and TranslatePress for multilingual support. It integrates Google Analytics and AddThis for analytics and social sharing. However, the site lacks a valid SSL certificate, serving content over HTTP only, which is a significant security concern. DNS records appear misconfigured or missing, which could impact domain resolution and email services. Performance data is unavailable, but the site appears mobile-optimized and SEO-friendly. From a security perspective, the absence of HTTPS and missing DNS records are critical vulnerabilities that reduce trust and expose users to risks. While no direct vulnerabilities or malware are detected, the site lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. Privacy compliance is well addressed with comprehensive privacy and cookie policies and a consent mechanism aligned with GDPR requirements. Overall, Ocean Maps GmbH presents a credible and professional business with strong domain expertise but requires urgent improvements in technical security infrastructure to protect users and enhance trust. Strategic recommendations include immediate SSL certificate installation, DNS configuration correction, and implementation of security best practices to elevate the security posture and compliance maturity.