Security Directory

KWR Karasek Wietrzyk Rechtsanwälte GmbH is a leading Austrian law firm specializing in Wirtschaftsrecht (business law) with over 20 years of experience. The firm offers a broad range of legal services including construction law, intellectual property, dispute resolution, and more, targeting national and international corporate clients. The website is professionally designed, content-rich, and well-structured, reflecting the firm's strong market position and reputation supported by multiple industry recognitions such as Chambers and Legal 500. Technically, the site is built on TYPO3 CMS with modern frontend frameworks and includes user privacy mechanisms like cookie consent and optional Matomo analytics. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap, exposing users to risks and undermining trust. Security headers are partially implemented but require enhancement. Overall, the site demonstrates good privacy compliance and business credibility but must urgently address its SSL/TLS configuration to improve security posture and user trust.

Q

Quest Global

quest-global.com

40

Quest Global is a well-established global engineering services provider with over 21,000 employees across 18 countries and 84 centers. The company specializes in delivering end-to-end engineering solutions across multiple industries including aerospace, automotive, healthcare, and energy. Their business model focuses on B2B partnerships with large enterprises, leveraging digital and embedded engineering expertise to solve complex engineering challenges. The website reflects a professional and comprehensive digital presence with strong branding and trusted partnerships with major technology companies such as NVIDIA, Microsoft, AWS, and Google Cloud. Technically, the website is built on WordPress with Elementor and hosted on WP Engine behind Cloudflare CDN. It uses modern marketing and analytics tools like HubSpot and Google Tag Manager. However, performance metrics are not provided, and the site shows signs of slow loading. Mobile optimization and SEO are good, but accessibility is basic. From a security perspective, the site has several strong security headers implemented, but critically lacks a valid SSL/TLS certificate and does not support any TLS protocols, which is a major vulnerability. This significantly reduces the security posture and exposes users to risks. Privacy compliance is good with clear privacy and cookie policies and consent mechanisms in place, but no explicit security policy or incident response contacts are found. Overall, the website is professional and credible but urgently needs to address its SSL/TLS configuration to ensure secure communications and improve trustworthiness. Strategic recommendations include obtaining a valid SSL certificate, enabling modern TLS protocols, enhancing security headers, and publishing explicit security and incident response policies.

C

CMC Markets

cmcmarkets.com

40

CMC Markets is a well-established global online trading platform founded in 1989, offering leveraged trading on a wide range of financial instruments including forex, indices, commodities, cryptocurrencies, shares, ETFs, and bonds. The company operates multiple trading platforms such as MetaTrader 4, MetaTrader 5, TradingView integration, and its proprietary web and mobile platforms, serving over 1.5 million global clients. It is a FTSE 250 listed company with a strong market position and multiple regulatory licenses, including in Bermuda and the UK. The website is professionally designed, content-rich, and targets retail and institutional traders worldwide. Technically, the website is built on modern frameworks like Next.js and hosted on Vercel, with good mobile optimization and SEO practices. The platform supports multiple device types and integrates third-party services for enhanced user experience and marketing. However, the SSL certificate is currently invalid or missing, which is a critical security concern. Security headers are partially implemented, and there is no evidence of advanced security policies or incident response information on the site. The security posture is moderate with room for improvement, especially in SSL configuration and additional security headers. Privacy and cookie policies are present and indicate GDPR compliance, with clear consent mechanisms. Contact information is comprehensive, including phone, email, and physical addresses in multiple countries. The company demonstrates strong business credibility through trust indicators such as awards, Trustpilot reviews, and regulatory compliance. Overall, CMC Markets presents a professional and trustworthy online trading service with a mature digital presence. Addressing the SSL certificate issue and enhancing security headers would significantly improve the security posture and user trust.

B

bgm Partners

bgm-partners.com

22

bgm Partners is a small, privately owned corporate finance advisory firm headquartered in Vienna, Austria, with an additional presence in Luzern, Switzerland. The company specializes in mid-cap and large-cap advisory services focusing on Mergers & Acquisitions, Corporate Finance, and Project Finance. The website presents basic business information and service offerings targeting corporate clients seeking financial advisory services. The market position appears modest but globally oriented within the finance sector. Technically, the website is built on TYPO3 CMS and uses legacy JavaScript libraries such as jQuery 1.7.2. Google Analytics is implemented for visitor tracking, but the site lacks modern performance optimizations and mobile responsiveness is basic. The website does not use HTTPS, which is a critical security deficiency. The absence of a valid SSL certificate and modern TLS protocols exposes visitors to security risks and undermines trust. From a security perspective, the site lacks essential protections such as HTTPS, HSTS, and security headers. No incident response or security policies are publicly available, and no contact emails or phone numbers are provided for direct communication. Privacy compliance is minimal, with a basic privacy policy present but no cookie consent mechanism. The presence of an unrelated external gambling link in hidden text raises minor suspicion. Overall, the website's risk profile is elevated due to missing HTTPS and weak security posture. Strategic improvements should prioritize securing the site with a valid SSL certificate, implementing security headers, and enhancing privacy compliance. Business credibility would benefit from clearer contact information and updated technical infrastructure.

Weatherford's PetroVisor website presents a mature and comprehensive SaaS platform focused on unifying data and analytics for the energy sector, specifically oil and gas production optimization. The platform integrates AI/ML capabilities and offers multiple modules addressing production, artificial lift, completion optimization, ESG, and enhanced oil recovery. The website is professionally designed, content-rich, and targets enterprise-level energy industry professionals. Technically, the site uses a modern tech stack including Kentico CMS, jQuery, and various analytics and marketing tools. However, a critical security gap exists as the site lacks a valid SSL certificate and does not serve content over HTTPS, exposing users to potential risks. Privacy and cookie policies are present and indicate GDPR compliance, but no explicit security incident response or vulnerability disclosure information is found. Overall, the domain registration data supports the legitimacy and maturity of the business. Strategic security improvements are necessary to enhance trust and protect user data.

M

MPG GmbH

michael-pachleitner-group.com

27

MPG GmbH is an established Austrian eyewear company specializing in manufacturing and retail of optical frames and lenses, serving both B2B and B2C markets. The company operates multiple subsidiaries and maintains a professional online presence with multilingual support and structured data. Technically, the website is built on WordPress using Elementor and Yoast SEO, integrating marketing tools such as Google Tag Manager and Facebook Pixel. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security gap, exposing users to potential risks. Privacy compliance is partially addressed with a comprehensive privacy policy but lacks a cookie consent mechanism. Overall, the business demonstrates credibility and maturity, but security posture requires urgent improvement to align with best practices.

S

SRB Consulting Team GmbH

srb.at

23

SRB Consulting Team GmbH is a well-established IT service provider specializing in SAP consulting, implementation, and optimization services. With over 25 years of experience and a strong SAP Gold Partner certification, the company offers a broad range of SAP-related solutions including ERP, CRM, SCM, and SAP Business Technology Platform services. Their target audience includes businesses across various industries seeking digital transformation and SAP expertise. The website presents professional content, clear navigation, and consistent branding, supported by a solid social media presence. Technically, the website uses a variety of modern front-end libraries such as Bootstrap, jQuery, and Owl Carousel, but lacks a valid SSL certificate and HTTPS support, which is a critical security shortfall. Performance is slow with a high page load time and large page size, indicating potential optimization needs. Privacy compliance is well addressed with a GDPR-compliant cookie consent mechanism and a clear privacy policy. Security posture is weak due to the absence of HTTPS, missing security headers, and no visible incident response or security policies. This exposes the site and its users to risks and undermines trust. The WHOIS data confirms the domain's legitimacy and consistency with the business claims, reinforcing the company's credibility. Overall, while the business and content quality are good, the lack of HTTPS and security best practices significantly lowers the security score and overall rating. Immediate remediation of SSL/TLS issues and security hardening is recommended to improve trust and compliance.

Security assessment completed with an overall score of 0/100 (unknown risk). 3 critical issues require immediate attention. Total of 29 security findings identified across all modules.

L

Lidl Österreich

lidl.at

40

Lidl Österreich operates a comprehensive retail website offering a wide range of products including food, household items, garden supplies, fashion, and more. The site features extensive promotional content, including weekly offers and loyalty programs such as Lidl Plus. The company holds a strong market position in Austria as a leading discount supermarket chain, supported by a consistent and professional brand presence. Technically, the website employs modern technologies like Vue.js and is hosted on a robust infrastructure with Akamai DNS services. However, a critical security issue is the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the site's security posture. Despite this, the site implements several security headers and content security policies, indicating a focus on security best practices. Privacy compliance is well addressed with clear privacy and cookie policies, including consent mechanisms. Overall, the site is professional and trustworthy but must urgently address the SSL deficiency to ensure secure user interactions.

O

OC Oerlikon Management AG

oerlikon.com

40

OC Oerlikon Management AG is a global industrial technology leader specializing in surface technologies, advanced materials, and additive manufacturing solutions. The company serves key growth markets including automotive, aerospace, energy, tooling, and luxury sectors through a portfolio of subsidiaries and partner brands. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistency. However, the technical infrastructure shows critical security weaknesses, notably the absence of a valid SSL certificate and HTTPS support, which poses significant risks to user trust and data security. Privacy compliance is well addressed with a robust cookie consent mechanism and clear privacy policies. Overall, the business demonstrates high legitimacy and market positioning but requires urgent improvements in security posture to align with best practices.

G

GTech Automatisierungstechnik GmbH

gtech.at

40

GTech Automatisierungstechnik GmbH is a medium-sized Austrian company specializing in automation technology, providing complex measurement, alignment, testing, and assembly systems primarily for large series production. The company has a strong market position as an innovator and specialist with over 20 years of experience, serving industrial clients worldwide. Their website is professionally designed and provides comprehensive information about their services and values. Technically, the site is built on the Wix platform using modern frameworks like React, but lacks a valid SSL certificate, which is a critical security concern. The security posture is basic with some security headers present but no HTTPS, exposing the site to potential risks. Privacy compliance is good with clear privacy and cookie policies, and contact information is readily available. Overall, the site is trustworthy but needs urgent security improvements to protect user data and enhance credibility.

Merit Group Limited is a UK-based B2B data and intelligence company specializing in technology-driven data capture and analysis to provide high-quality business and political intelligence. The company operates through subsidiaries including Dods Group Limited and Merit Data & Technology Limited, serving clients primarily in the UK and Europe. The website presents a professional image with clear business descriptions and subsidiary links, targeting business clients seeking data intelligence solutions. Technically, the site is built on WordPress, hosted on WP Engine with Cloudflare CDN, and uses common plugins and libraries such as jQuery and Genesis Blocks. However, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security deficiency. Privacy and cookie policies exist but lack advanced consent mechanisms, and no incident response or security policies are published. Overall, the site is functional and informative but requires urgent security improvements to protect user data and enhance trust.

The website esab.com is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) block, which prevents access to any substantive content. As a result, no business-specific information, contact details, or policy documents are available for analysis. The site is protected by Cloudflare, but lacks a valid SSL certificate and modern TLS support, indicating a weak security posture. The DNS configuration shows standard use of Azure DNS and Outlook mail protection, but no advanced DNS security features such as DNSSEC or CAA are enabled. Overall, the site’s digital maturity and security posture are limited by the lack of accessible content and missing HTTPS encryption. Strategic improvements are necessary to enable secure access and provide transparency to visitors.

Y

YES BANK

yesbank.in

40

YES BANK is a major Indian financial institution providing a range of banking services including retail, corporate, and investment banking. The website content analyzed is minimal and primarily technical, with no visible privacy or cookie policies, contact information, or user-facing content. The domain and DNS data confirm the legitimacy of the bank's online presence. Technically, the site uses Oracle Cloud infrastructure and Akamai CDN, with multiple third-party analytics and advertising integrations. However, the absence of a valid SSL certificate is a critical security flaw, severely impacting the site's security posture and user trust. Security headers are well configured but cannot compensate for the lack of HTTPS. Privacy compliance is poor due to missing policies and consent mechanisms. Overall, the site requires urgent remediation of SSL issues and improved transparency in privacy and contact information to meet industry standards.

C

COLOP Stempelerzeugung Skopek Gesellschaft m.b.H. & Co. KG

colop.com

28

COLOP Stempelerzeugung Skopek Gesellschaft m.b.H. & Co. KG is a well-established Austrian manufacturer specializing in stamps and marking solutions with a global footprint. Founded in 1981, the company operates multiple subsidiaries worldwide and offers a broad range of products including traditional stamps, mobile printing devices, and creative arts and crafts stamps. Their business model combines manufacturing with e-commerce and partner distribution, targeting both professional and creative markets. The website reflects a professional and comprehensive digital presence with strong branding and content quality.

D

DHK

dhk.be

39

DHK is a Belgian company specializing in aluminum and composite building materials, offering a range of products including aluminum profiles, pergolas, carports, and custom folded sheet metal work. The company targets both professional and private customers in the construction and renovation sectors, providing online configurators and a digital showroom to enhance customer experience. The website reflects a medium-sized business with a consistent brand presence and active social media engagement. Technically, the site is built on a Ruby on Rails framework, hosted on OVH infrastructure, and uses modern marketing tools such as Google Tag Manager and ActiveCampaign. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap, exposing users to potential risks. Security headers are partially implemented but some important protections like X-XSS-Protection are disabled. Privacy and cookie policies exist but lack explicit consent mechanisms, which may impact GDPR compliance. Overall, the website is functional and professional but requires urgent security improvements to protect user data and enhance trust.

N

Nixplay Frames | #1 Selling Digital Picture Frame | On Sale

nixplay.com

40

Security assessment completed with an overall score of 0/100 (unknown risk). 3 critical issues require immediate attention. Total of 22 security findings identified across all modules.

The website espon.eu is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) block, which prevents access to any substantive content. As a result, no business-related information, contact details, or policies are available for analysis. The site is protected by Cloudflare, but it lacks a valid SSL/TLS certificate, which is a critical security deficiency. DNS records are properly configured with multiple A and AAAA records, MX records pointing to Outlook protection, and a valid SPF record, indicating a legitimate email setup. However, the absence of DNSSEC and CAA records slightly reduces trust. Overall, the website's security posture is weak due to missing HTTPS and modern TLS protocols, and the lack of visible privacy or cookie policies indicates poor compliance with data protection standards. The site’s technical infrastructure relies on Cloudflare for hosting and security, but the current blocking status severely limits usability and trust.

The website at discovery.com currently presents only a minimal 'Not found' page with no accessible content, metadata, or business information. The domain is registered and hosted on Amazon AWS infrastructure, but the lack of valid SSL/TLS configuration and absence of HTTPS severely undermines the site's security posture. No privacy, cookie, or terms of service policies are present, and no contact or social media information is available, indicating the site is either under construction or improperly configured. From a technical perspective, the site suffers from very slow load times despite minimal content, no modern web technologies detected, and no SEO or accessibility features implemented. Security best practices are absent, with no security headers, no HSTS, and no certificate transparency compliance. The DNS setup appears legitimate with multiple MX and NS records, but the invalid SSL certificate and lack of HTTPS are critical vulnerabilities. Overall, the site is not currently functional or trustworthy for users or business partners. The absence of content and security controls poses significant risks and undermines credibility. Immediate remediation is required to install a valid SSL certificate, enable HTTPS, and deploy basic website content and policies to establish trust and compliance.

C

Welcome to Constantia Flexibles

cflex.com

30

Security assessment completed with an overall score of 0/100 (unknown risk). 4 critical issues require immediate attention. Total of 27 security findings identified across all modules.

I

Istmobil

istmobil.at

35

Istmobil.at is an independent informational website focused on providing detailed reviews, guides, and affiliate referrals related to mobile casinos and online gambling targeted at Austrian players. The site offers comprehensive content on casino apps, bonuses, payment methods, and gaming options, positioning itself as a niche media player in the online gambling affiliate space. Technically, the site is hosted behind Cloudflare and uses standard web technologies including HTML5, CSS3, and JavaScript, with Google Fonts for typography. However, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical security deficiency. This significantly impacts the site's security posture and user trust. Privacy compliance is minimal, with no visible cookie consent mechanism and only basic privacy and terms of service pages linked in the footer. The site uses Matomo analytics and affiliate marketing links to partner casino domains. Overall, while content quality and business credibility are moderate to good, the lack of HTTPS and modern security practices present a major risk. Strategic improvements in security and privacy compliance are essential to enhance trust and protect users.

T

Therefore Corporation

therefore.net

31

Therefore Corporation operates a comprehensive information management platform targeting businesses across multiple industries. The company positions itself as a market leader in ECM and workflow automation, offering a wide range of software solutions designed to improve document management, workflow digitization, and data accessibility. Their website reflects a mature digital presence with professional design, rich content, and clear navigation. Technically, the site is built on WordPress with modern optimization plugins and uses Google Tag Manager for analytics. However, the absence of a valid SSL certificate is a significant security gap, undermining the otherwise strong security headers and policies. Privacy compliance is well addressed with GDPR-aligned policies and consent mechanisms. Overall, the business credibility is high, supported by certifications, partner relationships, and extensive case studies.

T

twinformatics GmbH

twinformatics.at

39

twinformatics GmbH is a medium-sized Austrian IT service provider specializing in software development and operation for major insurance companies such as Wiener Städtische Versicherung AG and Vienna Insurance Group. The company positions itself as a strong IT partner with end-to-end responsibility for innovative software solutions trusted by thousands of users. The website is professionally designed, primarily in German, targeting IT professionals and potential employees. Technically, the site runs on WordPress with modern PHP and uses several plugins for enhanced functionality. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap, despite the presence of HSTS headers. Privacy compliance is well addressed with cookie consent mechanisms and a comprehensive privacy policy. The security posture is basic and requires immediate improvements in SSL/TLS configuration and vulnerability disclosure practices. Overall, the website reflects a credible and professional business but needs technical security enhancements to align with best practices.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 9 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

E

Emerson Electric Co.

flexim.com

40

The website flexim.com serves as a comprehensive brand page for Flexim, a division of Emerson Electric Co., specializing in non-intrusive, clamp-on ultrasonic flow meters for liquids, gases, and steam. The site positions Flexim as an industry leader with a strong focus on industrial and energy sectors, offering a wide range of products, services, and customer support resources. The content is rich, professionally designed, and well-structured, targeting industrial customers and professionals seeking advanced flow measurement solutions. Technically, the site employs modern web technologies including Bootstrap, Google Tag Manager, and Visual Website Optimizer, hosted behind Cloudflare for performance and security. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, significantly impacting the site's security posture. Privacy and compliance measures are well addressed with clear privacy and cookie policies, and incident response channels are available. Overall, the site demonstrates high business credibility and digital maturity but requires urgent remediation of its SSL/TLS configuration to ensure secure user interactions and maintain trust.

P

PXP Financial

pxpfinancial.com

40

PXP Financial is a UK-based payment technology company offering a unified commerce platform that simplifies global payments and commerce operations. The company targets a broad range of industries including retail, hospitality, gaming, and travel, providing services such as point of sale, eCommerce, acquiring, and cross-border payments. Their platform emphasizes intelligent payment routing, real-time business intelligence, and self-service capabilities, positioning them as a modern and innovative player in the payment solutions market. Technically, the website is built on HubSpot CMS with integrations of popular marketing and analytics tools such as Google Analytics, Hotjar, and Cookiebot for privacy compliance. However, the security posture is weakened by the absence of a valid SSL certificate and lack of modern TLS protocol support, which is a critical issue for a financial services provider. The domain registration is consistent and mature, registered with a reputable UK registrar, and the business is FCA authorized, enhancing credibility. Overall, the website is professional and content-rich but requires urgent improvements in SSL/TLS security to meet industry standards and protect user data.

Genuine Parts Company is a well-established global leader in the distribution of automotive and industrial replacement parts, founded in 1928. The company operates extensively across North America, Europe, and Australasia with a large workforce and numerous locations. Their business model focuses on providing quality parts and value-added solutions through a network of subsidiaries and partner brands such as NAPA and Motion. The website reflects a mature corporate presence with investor relations, sustainability reporting, and career opportunities prominently featured. Technically, the site is built on WordPress with common libraries and frameworks, and is hosted behind Cloudflare. However, the lack of a valid SSL certificate and HTTPS implementation is a critical security gap that undermines user trust and data protection. Privacy compliance is addressed through a OneTrust cookie consent mechanism and a comprehensive privacy policy, but no explicit terms of service or security policies are found. Overall, the site is professional and content-rich but requires urgent security improvements to meet modern standards.

Ö

Österreichische Gesundheitskasse

ooegkk.at

40

The Österreichische Gesundheitskasse (ÖGK) operates as a major public health insurance provider in Austria, delivering comprehensive health insurance services and support to insured individuals, employers, and contract partners. The website serves as an official portal offering information, appointment scheduling, customer service, and career opportunities, targeting Austrian residents and stakeholders in the healthcare sector. The digital presence is supported by a modern technology stack including Apache, Jakarta Faces, and jQuery, managed via a Gentics CMS platform, and hosted within the Austrian social insurance infrastructure. Despite a professional and content-rich website, the absence of a valid SSL certificate and HTTPS support significantly undermines the security posture. The site implements a strong Content Security Policy and cookie consent mechanisms, reflecting good privacy compliance, but the lack of HTTPS and TLS protocols is a critical vulnerability. Social media integration and clear contact information enhance trust and user engagement. Overall, the website is functional and credible but requires urgent security improvements to protect user data and comply with modern standards.

C

Campaigning Bureau

campaigning-bureau.com

24

Campaigning Bureau is a well-established political campaigning agency based in Austria with offices in Vienna and Berlin. They specialize in movement campaigning, political communication, stakeholder mobilization, and ESG communication, serving political actors, companies, NGOs, and organizations. The company holds a strong market position in Europe, supported by international awards and recognition as a top employer. Technically, the website employs modern tracking and consent management tools such as Google Tag Manager and Truendo CMP, but suffers from slow load times and lacks a valid SSL certificate, which impacts security and user trust. The security posture is basic with no HTTPS and missing security headers, representing a critical vulnerability. Privacy compliance is well addressed with clear cookie consent mechanisms and comprehensive privacy policies. Contact information is transparent and complete, enhancing business credibility. Overall, the website is professional and content-rich but requires urgent security improvements to protect user data and improve trust.

D

Dorotheum GmbH & Co KG

dorotheum.com

40

Dorotheum GmbH & Co KG operates the largest auction house in Central Europe, specializing in art, antiques, jewelry, and collectibles with over 300 years of experience. The company holds numerous auctions annually, both online and in physical salerooms, and offers additional services such as private sales and expert consultations. The website is professionally designed, content-rich, and targets collectors, buyers, and sellers in the art and luxury goods market primarily in Austria and surrounding regions. Technically, the site is built on TYPO3 CMS with modern frontend libraries and integrates analytics and marketing tools like Google Tag Manager and Facebook Pixel. However, the absence of a valid SSL certificate and lack of security headers represent significant security weaknesses. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. Overall, the site demonstrates strong business credibility but requires urgent improvements in security posture to protect user data and enhance trust.

E

Ecker & Partner

eup.at

24

Ecker & Partner is a well-established PR and Public Affairs agency based in Vienna, Austria, offering a broad range of communication services including crisis communication, litigation PR, digital content, and storytelling. The company positions itself as a leading agency in its sector with a strong network and long-standing client relationships. Technically, the website is built on WordPress with common marketing and analytics integrations but suffers from a critical lack of a valid SSL certificate, resulting in insecure HTTP connections. The site is content-rich and professionally designed but experiences slow load times and lacks some security best practices. Privacy compliance is partial, with a cookie consent banner present but no visible privacy policy page. Overall, the business credibility is high, but the security posture requires urgent improvement to protect user data and trust.

Bühler Group is a well-established enterprise specializing in manufacturing and technology solutions primarily for the food processing and advanced materials industries. The company offers a broad portfolio of industrial solutions, including extrusion, milling, and process technologies, supported by global services such as maintenance, expert consulting, and training centers. Their website reflects a mature digital presence with consistent branding and comprehensive corporate governance information. Technically, the site is built on Adobe Experience Manager and hosted on AWS infrastructure with CloudFront CDN, leveraging modern marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and LinkedIn Insight Tag. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, severely impacting the site's security posture. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR consent mechanisms on forms. Overall, Bühler Group's website demonstrates strong business credibility and content quality but requires urgent improvements in SSL/TLS security to protect user data and enhance trust.

Irish Bank Resolution Corporation Limited (IBRC) is a financial institution currently in special liquidation, managing the orderly conclusion of its liquidation process. The website serves primarily as an informational portal to communicate the status of the liquidation, provide contact details, and notify stakeholders about deadlines for deeds of release and edischarges. The business operates under the supervision of the Central Bank of Ireland and is a successor to Irish Nationwide Building Society and Anglo Irish Bank Corporation Limited. The target audience includes creditors, impacted customers, and parties requiring documentation related to the liquidation. Technically, the website is built on Microsoft IIS with ASP.NET and uses Google Analytics for tracking. The hosting IP suggests Amazon AWS infrastructure. However, the site lacks a valid SSL/TLS certificate, serving content over HTTP only, which significantly impacts security posture. The site has basic design and content quality, reflecting its winding-down status, with limited interactivity and no forms. SEO and accessibility features are minimal. From a security perspective, the absence of HTTPS and security headers, lack of DNSSEC and CAA records, and no vulnerability disclosure policy indicate a low security maturity level. While no active vulnerabilities or malware were detected, the site is exposed to risks due to missing encryption and security best practices. Privacy compliance is partial, with a data protection notice available but no cookie consent mechanism despite use of Google Analytics. Overall, the website presents moderate business credibility but suffers from critical security shortcomings. Strategic improvements in SSL implementation, security headers, and privacy compliance are recommended to enhance trust and protect visitors. Given the nature of the business in liquidation, the website's limited functionality and content are understandable but should still meet basic security standards.

A

Amiblu Group

amiblu.com

25

Amiblu Group operates as the world's largest producer and technology partner for GRP (glass-fiber reinforced plastics) pipe systems, focusing on sustainable water infrastructure solutions. The company targets urban and rural communities, industries, and infrastructure planners, offering a broad portfolio of pipe products, technical documentation, and reference databases. Their market position is strong, supported by certifications such as EcoVadis and partnerships like the UNESCO World Engineering Day 2025. The website reflects a mature, well-established business with a professional and consistent brand presence. Technically, the website is built on WordPress with a modern tech stack including caching and multilingual support. However, performance is moderate and accessibility is basic. The site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security flaw. Security headers are minimal, and no advanced security policies are implemented. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. The security posture is weak due to the absence of HTTPS and modern TLS protocols, exposing users to potential risks. No incident response or security policy information is publicly available. The domain registration is consistent and mature, supporting the legitimacy of the business. Overall, the website is professional and content-rich but requires urgent security improvements to protect users and enhance trust.

W

Wiener Privatbank

wienerprivatbank.com

40

Wiener Privatbank is a medium-sized Austrian private bank specializing in wealth and asset management, capital market investments, and real estate. The bank emphasizes personalized service, crisis-proof investment strategies, and trusted FATCA solutions. The website is built on a modern CMS platform (Craft CMS) with SEOmatic for SEO optimization and includes rich content and clear navigation targeting private banking clients and investors. However, the absence of a valid SSL certificate and HTTPS support is a critical security vulnerability that undermines user trust and data protection. While privacy policies are present and GDPR compliance appears addressed, no cookie consent mechanism or terms of service were found. Social media presence on Facebook, LinkedIn, and YouTube supports brand visibility. Overall, the website demonstrates good business credibility and content quality but requires urgent security improvements to protect users and enhance trust.

T

TeCoB GmbH

tecob.at

22

TeCoB GmbH's website is currently under construction and provides minimal information about the company or its services. The site uses WordPress with an under construction plugin and basic frontend technologies such as Bootstrap and Font Awesome. The domain is registered in Austria and DNS records are properly configured, including MX records pointing to Outlook mail protection. However, the website lacks a valid SSL certificate, serving content over HTTP only, which significantly impacts security and trust. No privacy, cookie, or terms of service policies are present, and no contact information or forms are available, limiting user engagement and compliance with data protection regulations. Performance is poor with a very slow load time, and no analytics or tracking technologies are detected.

The website proz.com is currently inaccessible due to a Cloudflare security challenge page that requires JavaScript and cookies to proceed. This prevents access to any substantive content, including business information, policies, or contact details. The domain is registered and uses Cloudflare for DNS and security, with email services routed through Google and marketing integrations via HubSpot and SendGrid. However, the SSL/TLS configuration is invalid or missing, which is a critical security concern. No privacy or cookie policies are detectable, and no contact information is available on the challenge page. Overall, the site’s security posture is limited by the lack of valid HTTPS and the blocking of content by the WAF, resulting in a low trust and usability score.

W

Werner Mertz Professional

wmprof.com

31

Werner Mertz Professional is a medium-sized manufacturing company specializing in high-performance hygiene solutions for professional cleaning markets. With over 50 years of history and a strong commitment to sustainability, the company operates under well-known brands such as Green Care Professional and Tana Professional. The website reflects a mature digital presence with comprehensive content, professional design, and strong SEO practices. However, the lack of a valid SSL certificate and proper HTTPS configuration represents a significant security risk that undermines user trust and data protection. The company has implemented cookie consent mechanisms and privacy policies compliant with GDPR, indicating awareness of privacy regulations. Overall, the business is credible and well-positioned in its sector but must urgently address its security posture to meet modern standards.

A

AirBerlin PLC & Co. Luftverkehrs KG

airberlin.com

24

The website for airberlin.com currently serves as a minimal placeholder 'Coming Soon' page referencing insolvency information for AirBerlin PLC & Co. Luftverkehrs KG, a former airline company. The site lacks substantive business content, contact information, and user engagement features, reflecting the company's insolvency status and inactive operations. Technically, the site uses Tailwind CSS for styling and is hosted on Hetzner infrastructure, but suffers from poor performance with a high load time and lacks modern web optimizations. Critically, the site does not have a valid SSL certificate and is served over HTTP only, exposing users to security risks. No privacy, cookie, or terms of service policies are present, and no contact or social media links are provided, limiting transparency and user trust. Overall, the website's security posture is weak, with no HTTPS, no security headers, and no advanced DNS security features enabled.

R

Rosenfelt & West Engineering A/S

rwe.dk

36

Rosenfelt & West Engineering A/S is a Danish engineering company specializing in railway safety systems, including automatic secured level crossings and marshalling yard safety installations. The company offers comprehensive services such as equipment renovation, training courses, and career opportunities within the railway safety sector. Their market position is supported by certifications in environmental management, quality management, and railway safety standards, reflecting a commitment to reliability and compliance. Technically, the website is built on WordPress with common plugins and hosted on a LiteSpeed server, but lacks a valid SSL certificate, which is a significant security concern. The absence of HTTPS and related security headers exposes the site and its visitors to potential risks. Privacy compliance is partial, with a privacy policy present but no cookie policy or consent mechanism detected. Contact information is limited to a phone number and contact page link, with no email addresses or social media profiles found. Overall, the website is professional and content-rich but requires urgent security improvements to protect users and enhance trust.

S

Stefanel

stefanel.com

38

Stefanel is a European retail and e-commerce brand specializing in women's fashion, operating a multi-country website with localized country selectors. The business targets European consumers seeking stylish women's clothing. The website is built on the Salesforce Commerce Cloud (Demandware) platform and uses various marketing and analytics tools including Google Tag Manager, CQuotient, and LiveStory. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security flaw. Privacy compliance is partially addressed with a OneTrust cookie consent mechanism, but no privacy policy or terms of service are found on the splash page. Contact information is also absent, limiting user trust and support options.

The website kainhofer.eu is currently inaccessible due to an HTTP 403 Forbidden error, indicating that access to the content is denied. The domain is registered with IONOS SE, a reputable registrar and hosting provider, and DNS records are properly configured. However, the lack of a valid SSL/TLS certificate and absence of HTTPS support significantly reduce the security posture of the site. No business or contact information, privacy policies, or terms of service are available on the site, limiting the ability to assess the company's operations or compliance status. The website performance is poor with a very slow load time despite minimal content, and no modern web technologies or analytics tools are detected.

Stellantis NV operates a comprehensive global website representing one of the world's largest automotive groups with a portfolio of 14 iconic brands and mobility services. The site targets industry stakeholders, investors, customers, and the general public, providing rich content including press releases, investor relations, sustainability initiatives, and innovation highlights. The technical infrastructure leverages Adobe Experience Manager CMS, modern JavaScript libraries like jQuery, and performance monitoring tools such as Boomerang, hosted on Microsoft Azure with Akamai CDN integration. While the website demonstrates excellent design quality, mobile optimization, and SEO practices, it critically lacks a valid SSL certificate and HTTPS support, severely impacting its security posture. Security headers are partially implemented but insufficient without TLS encryption. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Business credibility is strong with consistent branding and comprehensive content. Overall, the site scores moderately due to the critical absence of HTTPS, which should be prioritized to protect user data and maintain trust.

H

HAKOM Time Series GmbH

hakom.at

26

HAKOM Time Series GmbH is a medium-sized Austrian company specializing in time series management software and cloud services for the energy sector. The company positions itself as a technology leader with over 30 years of experience, offering both on-premises and cloud-based solutions under the PowerTSM® brand. Their website reflects a professional and comprehensive digital presence, targeting energy industry professionals and IT developers with detailed product information, news, webinars, and customer success stories. The company maintains active engagement through social media and newsletter subscriptions. Technically, the website is built on TYPO3 CMS and uses modern web technologies including jQuery and Swiper.js for interactive content. The hosting provider is identified as Web-Crossing. While the site is mobile-optimized and SEO-friendly with proper metadata and structured data, performance metrics are not explicitly available. Privacy compliance is well addressed with a cookie consent mechanism and a comprehensive privacy policy in German. From a security perspective, the site lacks a valid SSL/TLS certificate and does not support modern TLS protocols, which is a critical vulnerability impacting user trust and data security. Security headers such as HSTS and CSP are present but cannot compensate for the missing HTTPS encryption. No explicit security policy or incident response information is found, which could be improved to enhance transparency and trust. Overall, the website is professional and content-rich but requires urgent improvements in SSL/TLS configuration to meet modern security standards and protect user data effectively. Strategic recommendations include obtaining a valid SSL certificate, enabling TLS 1.2/1.3, and enhancing security policies and incident response disclosures.

B

BFI Salzburg BildungsGmbH

bfi-sbg.at

36

BFI Salzburg BildungsGmbH is a prominent educational institution in Salzburg, Austria, offering a wide range of courses, certifications, and educational services targeting individuals and companies seeking professional development. The website demonstrates a comprehensive and well-structured presentation of their offerings, including course programs, school qualifications, health and nursing professions, and corporate services. The digital infrastructure is built on Pimcore CMS and served via nginx, with Matomo analytics implemented for privacy-conscious user tracking. However, the absence of a valid SSL/TLS certificate and HTTPS significantly undermines the site's security posture, exposing users to potential risks. Privacy policies and cookie consent mechanisms are well implemented, reflecting GDPR compliance. Overall, the site is professional and trustworthy but requires urgent security improvements.

N

NGS Global

ngs-global.com

25

NGS Global is a partner-led executive search and leadership advisory firm with a global presence spanning the Americas, Europe, Asia Pacific, Africa, and the Middle East. The company offers personalized executive search services leveraging a mid-sized platform that combines the resources of major global firms with high-touch client service. Their key services include executive search, leadership consulting, and industry-specific expertise across multiple sectors. Technically, the website is built on Joomla CMS with modern JavaScript libraries and frameworks such as jQuery and Bootstrap, but suffers from a lack of HTTPS support due to an invalid or missing SSL certificate, which significantly impacts security posture. The site implements cookie consent via Cookiebot and uses Google Analytics and ZoomInfo for tracking, indicating moderate digital maturity. Security headers are partially implemented, but critical vulnerabilities exist due to the absence of SSL/TLS encryption. Overall, the website presents professional content and a clear business model but requires urgent security improvements to protect user data and enhance trust.

T

TEUFELBERGER Ges.m.b.H.

teufelberger.com

27

TEUFELBERGER Ges.m.b.H. is a family-owned, international manufacturing group specializing in fiber ropes, steel wire ropes, and strapping solutions. The company serves industrial sectors including construction, marine, mining, forestry, and safety equipment, positioning itself as a diversified leader in rope manufacturing. Their website reflects a comprehensive product catalog and detailed service offerings, targeting industrial clients globally. Technically, the website is built on Magento Commerce with modern JavaScript libraries and marketing tools such as Google Tag Manager and MailerLite, indicating a mature digital infrastructure. However, performance metrics are lacking, and the site currently lacks a valid SSL certificate, which is a critical security deficiency. Security headers are present but the absence of HTTPS and modern TLS protocols significantly weakens the security posture. Privacy compliance is well addressed with clear privacy and cookie policies, and GDPR compliance indicators are evident. Contact information is transparent and includes physical address, phone numbers, and company emails, enhancing business credibility. Overall, while the business and content quality are strong, urgent improvements in SSL/TLS configuration and security practices are recommended to protect user data and improve trust.

Heidelberger Druckmaschinen AG (HEIDELBERG) is a globally recognized leader in the manufacturing and supply of printing and packaging solutions, including offset and digital printing technologies, post-press packaging machines, and related software and services. The company targets commercial, packaging, and label printing companies worldwide, positioning itself as a market leader with a comprehensive product and service portfolio. The website reflects a mature digital presence with rich content, clear navigation, and strong branding, supporting its enterprise-level stature. Technically, the site uses modern web technologies and tracking tools but lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security gap. Security headers are present but ineffective without SSL, and no explicit security or incident response policies are published. Privacy compliance is partially addressed with a comprehensive privacy policy but lacks a cookie consent mechanism despite tracking scripts. WHOIS data confirms domain legitimacy and consistency with the company’s identity. Overall, the site is professional and trustworthy but requires urgent security improvements to meet modern standards.

B

BBMRI-ERIC

bbmri-eric.eu

26

BBMRI-ERIC is a European research infrastructure focused on biobanking and biomolecular resources, supporting researchers in health and life sciences to find new treatments. Established in 2013 and headquartered in Graz, Austria, it provides a range of services including a directory of biobank metadata, federated platforms for privacy-preserving data queries, and quality management. The website reflects a mature organization with consistent branding and professional content aimed at the scientific community. Technically, the site is built on WordPress with a variety of plugins supporting SEO, newsletter management, and social media integration. However, the site lacks HTTPS and a valid SSL certificate, which is a critical security vulnerability. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site is trustworthy but requires urgent security improvements to protect user data and maintain credibility.

M

Microlife AG

microlife.ch

37

Microlife AG is a well-established Swiss company specializing in the development and production of medical diagnostic devices such as blood pressure monitors, thermometers, and respiratory therapy equipment. The company holds a strong market position as a world leader in healthcare technology, targeting both home users and healthcare institutions. Their website reflects a professional and consistent brand image with multilingual support and a comprehensive product portfolio. Technically, the website uses modern JavaScript and tracking tools but lacks a valid SSL certificate, which is a significant security concern. The absence of HTTPS undermines user trust and exposes data to interception risks. Privacy compliance is well addressed with a cookie consent mechanism and clear privacy policies. However, no explicit security or incident response policies are publicly available. Overall, the site is functional and informative but requires urgent security improvements to align with best practices and user expectations.