Security Directory

B

Berufsfoerderungsinstitut Wien

bfi.wien

38

BFI Wien is a well-established educational institution based in Austria, specializing in vocational training, continuing education, and certification courses across various sectors including IT, business, languages, and social services. The website reflects a mature digital presence with a comprehensive catalog of courses, detailed descriptions, and clear pricing structures. The target audience includes private individuals, businesses, and job seekers, supported by extensive service and advisory offerings. Technically, the site is built on TYPO3 CMS and leverages Cloudflare for hosting and CDN services, with modern web technologies ensuring good mobile responsiveness and accessibility. However, the absence of a valid SSL certificate is a critical security gap, exposing users to risks and undermining trust. The site employs GDPR-compliant cookie consent mechanisms and provides clear privacy policies, demonstrating good privacy practices. Overall, while the business and content quality are excellent, the security posture requires urgent improvement to align with best practices and user expectations.

iSi GmbH is a well-established global manufacturer specializing in pressurized gas chargers and related solutions across automotive, components, and culinary sectors. Founded in 1867 in Vienna, the company has a strong market presence with operations in over 90 countries. The website reflects a professional digital presence using modern web technologies such as Next.js and React, supported by a Shopware 6 CMS backend. However, the site suffers from critical security shortcomings, notably the absence of a valid SSL certificate and disabled TLS protocols, which severely impact the security posture and user trust. Privacy compliance is well addressed with comprehensive policies and a consent management platform. The company maintains transparency through corporate policies and whistleblower mechanisms, and engages users via social media and career portals.

E

ECOTEC GmbH

ecotec.at

21

ECOTEC GmbH is a small Austrian company founded in 1992 that supports European companies in establishing a presence in East Africa by managing communication and partnerships during initial phases. The company has a niche market position with a long history in development cooperation and consultancy. The website is built on WordPress with common plugins such as Yoast SEO and Contact Form 7, showing moderate digital maturity but suffers from slow performance and lacks modern security configurations. Critically, the site does not have a valid SSL certificate or HTTPS enabled, exposing visitors to security risks. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Contact information is clearly provided, enhancing business credibility. Overall, the site is professional but requires urgent security improvements to protect users and improve trust.

R

Ramar Record Retention, LLC

ramarrecords.com

22

Ramar Record Retention, LLC is a small business specializing in document and record storage, management, and secure shredding services primarily serving Maryland and surrounding areas. The company offers a range of services including records management, indexing, retention scheduling, and transportation. The website is built on Drupal 7 and incorporates modern web technologies such as Google reCAPTCHA and Google Tag Manager, indicating a moderate level of digital maturity. However, the absence of a valid SSL certificate and lack of HTTPS significantly weaken the security posture. While some security headers are present, critical best practices such as HSTS and OCSP stapling are missing. The website lacks published privacy, cookie, and security policies, which impacts privacy compliance and user trust. Overall, the site is functional with good content quality and navigation but requires urgent security improvements to protect user data and enhance credibility.

G

Goodpack IBC (Singapore) Pte. Ltd.

goodpack.com

39

Goodpack IBC (Singapore) Pte. Ltd. is a leading global provider of reusable intermediate bulk containers (IBCs) designed to optimize supply chains through a flexible pay-per-use leasing model. The company serves diverse industries including rubber, automotive, food and beverage, and chemicals, emphasizing sustainability and cost efficiency. Their extensive global network includes subsidiaries and offices across Asia, Europe, the Americas, and Africa, supporting a large-scale logistics operation. The website reflects a professional and consistent brand image with comprehensive content and clear navigation, targeting businesses seeking eco-friendly and efficient packaging solutions. Technically, the website is built on the Webflow CMS platform, leveraging modern JavaScript libraries such as jQuery, Luxy.js, and Splide.js for enhanced user experience. Hosting and CDN services are provided by Cloudflare, ensuring good content delivery performance. The site includes Google Analytics for user tracking and Google reCAPTCHA for bot protection. Mobile optimization and SEO practices are well implemented, though performance metrics are not explicitly provided. From a security perspective, the site has implemented some security headers including HSTS and CSP frame-ancestors, but critically lacks a valid SSL/TLS certificate and does not support modern TLS protocols, exposing users to potential risks. No explicit security or incident response policies are published, and no vulnerability disclosure or security.txt files are found. Privacy compliance is strong with a clear privacy policy, cookie consent mechanism, and GDPR considerations. Overall, Goodpack’s website demonstrates strong business credibility and digital maturity but requires urgent remediation of SSL/TLS issues to ensure secure communications and maintain trust. Strategic improvements in security policy transparency and incident response readiness would further enhance their security posture.

VML is a globally recognized marketing and communications agency operating under the parent company WPP. The company offers a broad range of services including brand experience, commerce, customer experience, and enterprise solutions, targeting enterprise-level clients. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content showcasing their work and insights. Technically, the site uses modern JavaScript frameworks and integrates analytics and marketing tools effectively, though performance is moderate. Security posture is weak due to the absence of a valid SSL certificate and HTTPS enforcement, which is a critical risk. Privacy compliance is strong with clear policies and consent mechanisms. Overall, VML presents a credible and professional business but must urgently address its SSL/TLS configuration to ensure secure user interactions.

The website greatwallmotors.com.au is currently inaccessible due to a Cloudflare security challenge page that blocks content unless JavaScript and cookies are enabled. This prevents access to any meaningful business or content data. The domain is registered in Australia with consistent WHOIS data, but the lack of a valid SSL certificate and disabled HTTPS severely impacts the security posture. No privacy, cookie, or terms of service policies are present, and no contact information or business details are visible. The technical infrastructure relies on Cloudflare for hosting and security, but the current configuration disables HTTPS and modern TLS protocols, which is a critical security concern. Overall, the website's digital maturity is low, with poor content quality and minimal technical implementation. The security posture is weak, and privacy compliance is absent. Strategic improvements are necessary to enable secure access, provide transparency, and improve trustworthiness.

P

PV - Pensionsversicherung Österreich

pensionsversicherung.at

39

The website pensionsversicherung.at represents the official online presence of the Austrian Pensionsversicherung (PV), the largest pension insurance carrier in Austria, serving approximately 5.6 million insured persons. It provides comprehensive information and services related to pensions, care allowances, rehabilitation, and health prevention. The site is well-structured, professionally designed, and targets insured workers, pensioners, and caregivers in Austria. The business model is that of a government social insurance provider, with a strong market position as a key public institution in Austria's social security system. Technically, the website uses a mature technology stack including Apache server, jQuery 3.6, Jakarta Faces framework, and Piwik PRO for analytics. The content is rich and well-optimized for SEO and accessibility, with good mobile responsiveness. However, performance data is missing, and the site is currently served without a valid SSL certificate, resulting in no HTTPS availability, which is a critical security flaw. From a security perspective, the site implements several security headers including a detailed Content Security Policy and uses secure cookie flags. Despite this, the lack of a valid SSL certificate and absence of modern TLS protocols severely degrade the security posture. No DMARC record is found, and session resumption and OCSP stapling are not enabled. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place. Overall, the site is trustworthy and authoritative in its domain but must urgently address SSL/TLS issues to ensure secure communications and maintain user trust. Strategic recommendations include obtaining a valid SSL certificate, enabling modern TLS protocols, and enhancing email security with DMARC. The site demonstrates a high level of professionalism and business credibility but is currently limited by its security shortcomings.

P

Phoron Group GmbH

phoron.com

27

Phoron Group GmbH is an established international SAP consulting firm founded in 2004, specializing in SAP Cloud ERP, technology consulting, and sustainability solutions. The company targets medium and large enterprises, offering a comprehensive portfolio of SAP-related services. The website is professionally designed, content-rich, and consistent with the company's business model and market positioning. Technically, the site runs on Drupal 10 with Apache server and integrates Google Tag Manager and Sendinblue for marketing and analytics. However, a critical security weakness is the lack of a valid SSL certificate and HTTPS support, which significantly impacts the security posture. Privacy compliance is well addressed with a cookie consent mechanism and a comprehensive privacy policy. Business credibility is supported by trust indicators such as certifications and social media presence, though direct contact emails and phone numbers are not publicly visible. Overall, the site demonstrates strong business and content quality but requires urgent security improvements.

Moncler Group is a prominent luxury fashion company headquartered in Milan, Italy, operating key brands such as Moncler and Stone Island. The website serves as a corporate portal providing investor relations, sustainability information, and brand insights. The company targets investors, luxury consumers, and stakeholders interested in corporate governance and sustainability. Technically, the site is built on WordPress with multilingual support and uses modern JavaScript libraries and tracking tools. However, the absence of a valid SSL certificate and HTTPS support significantly weakens its security posture. Privacy and cookie policies are well implemented with consent mechanisms, reflecting GDPR compliance. Overall, the site is professionally designed and content-rich but requires urgent security improvements to protect user data and enhance trust.

K

Krajete GmbH

krajete.com

40

Krajete GmbH is a specialized Austrian company focused on developing nature-inspired solutions for industrial gas emissions management. Their expertise includes adsorber-based purification and bioprocesses that transform emissions into valuable resources, helping clients comply with environmental regulations and improve sustainability. The company targets industries with emission challenges and offers services such as regenerative NOx removal, emissions valorisation, gas sampling, and biomethanation. Technically, the website is built on WordPress using Oxygen builder and Yoast SEO, with Cloudflare as a hosting proxy. However, the site lacks a valid SSL certificate, exposing it to security risks. The cookie consent mechanism is implemented, and contact information is clearly provided. Security posture is basic with room for improvement in SSL, headers, and incident response policies. Overall, the website presents a professional business presence but requires urgent security enhancements to protect user data and improve trust.

Schoellerbank AG is a well-established Austrian private bank specializing in sustainable wealth management and investment solutions. The website reflects a professional and comprehensive presentation of their services, targeting private clients seeking long-term financial security and personalized advisory. The affiliation with UniCredit S.p.A. further strengthens their market position and credibility. Technically, the website employs modern JavaScript libraries and cookie consent management tools, but suffers from poor SSL/TLS configuration, lacking a valid certificate and HTTPS support, which poses significant security risks. Privacy policies and cookie consent mechanisms are well implemented and GDPR compliant. Overall, the site offers a good user experience but requires urgent security improvements to protect user data and maintain trust.

E

EasyAds

easyads.eu

38

EasyAds is a Dutch online marketing bureau specializing in e-commerce growth through automation, marketing optimization, and integration with marketplaces and advertising channels. The company has a solid market position supported by recognized partnerships with Channable, Google, Microsoft, and Cookiebot, and has been operating since 2006. Their services include datafeed management, marketplace integrations, advertising channel management, and managed campaign services, targeting retailers and brands seeking scalable online growth. Technically, the website is built on WordPress with Elementor and several plugins, hosted on WordPress.com's Atomic infrastructure. The site is multilingual and uses modern marketing and analytics tools, including Google Analytics and LinkedIn Insight, with a cookie consent mechanism via Cookiebot. However, the SSL certificate is invalid or missing, resulting in no HTTPS support, which is a critical security issue. Security headers are partially implemented, but TLS protocols are disabled, and no DNSSEC or CAA records are configured. Contact information is available via email, phone, and contact forms, but no explicit privacy policy or terms of service pages were found. Overall, the website is professional and content-rich but requires urgent security improvements to ensure trust and compliance.

R

Research Center Pharmaceutical Engineering GmbH

rcpe.at

25

The Research Center Pharmaceutical Engineering GmbH (RCPE) is a non-profit organization specializing in pharmaceutical process engineering, combining academic expertise from Graz University of Technology, University of Graz, and Joanneum Research GmbH. The company is positioned as a global leader in pharmaceutical innovation, providing advanced scientific solutions including simulation, AI, and quality control to pharmaceutical partners worldwide. The website reflects a professional and consistent brand image targeting pharmaceutical industry stakeholders and researchers. Technically, the site is built on WordPress with modern plugins and themes but lacks a valid SSL certificate, impacting security posture. Borlabs Cookie is used for cookie consent, indicating GDPR compliance efforts. Security best practices are partially implemented but require improvements, especially in SSL configuration and security headers. Overall, the site is trustworthy and credible but should address critical security gaps to enhance user trust and compliance.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

G

GOLDBECK RHOMBERG GmbH

goldbeck-rhomberg.com

40

GOLDBECK RHOMBERG GmbH is a well-established construction and real estate services company with over 50 years of experience, primarily operating in Austria and Europe. The company offers comprehensive services including the turnkey construction of logistics and industrial halls, office buildings, parking garages, and residential buildings, positioning itself as an integrated provider in the real estate sector. Their business model focuses on delivering end-to-end solutions from design to operation, including parking services. Technically, the website is built on modern frameworks such as Nuxt.js and Express, hosted on Vercel, and uses TYPO3 CMS for content management. The site is well-optimized for SEO, mobile responsiveness, and accessibility, with a professional design and clear navigation. However, the security posture is currently weak due to the absence of a valid SSL certificate and lack of enabled TLS protocols, which is a critical issue that needs immediate remediation. Privacy compliance is strong, with comprehensive privacy and cookie policies and consent mechanisms in place. Overall, the website reflects a credible and professional business presence but requires urgent security improvements to protect user data and maintain trust.

H

Handl Tyrol GmbH

handltyrol.at

33

Handl Tyrol GmbH is a well-established Austrian family-owned company specializing in traditional Tyrolean ham, sausages, and roast specialities since 1902. The company positions itself as an ambassador of Tyrolean cuisine, offering both meat and plant-based products through retail and an online shop. The website reflects a strong brand identity with excellent content quality and clear navigation targeting consumers interested in authentic regional food products. Technically, the site employs modern JavaScript libraries and consent management tools but suffers from slow load times and lacks a valid SSL certificate, which is a critical security concern. The security posture is weak due to missing HTTPS, security headers, and DNS security features. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and clear privacy policy. Business credibility is supported by transparent contact information and trust signals such as quality guarantees and PGI certification. Overall, the site is professional but requires urgent security improvements to protect user data and enhance trust.

H

Herba Chemosan

herba-chemosan.at

38

Herba Chemosan is a large Austrian pharmaceutical wholesaler established in 1916, operating seven logistics centers and serving the entire Austrian pharmacy market. The company offers comprehensive pharmaceutical distribution, logistics, marketing, and IT solutions to pharmacies and pharmaceutical manufacturers. The website is built on WordPress with Elementor and Yoast SEO, presenting professional and rich content targeted at healthcare professionals and partners. However, the site lacks a valid SSL certificate and proper HTTPS configuration, which is a critical security vulnerability. Privacy and cookie policies are well implemented, indicating good GDPR compliance. The absence of explicit security and incident response policies suggests room for improvement in security governance. Overall, the business is credible and well-positioned in the Austrian healthcare sector, but the technical security posture requires urgent enhancement.

R

RAM Consulting

ramitalia.it

40

RAM Consulting Italia SRL is an established Italian consulting and training company with over 15 years of experience supporting entrepreneurs, managers, and professionals to improve individual and organizational performance. Their business model focuses on integrated management, organizational coaching, and strategic marketing services, delivered through workshops, video courses, and personalized consulting. The company maintains a professional and content-rich website that clearly communicates its services and values to its target audience. Technically, the website is built on WordPress with a modern plugin ecosystem but suffers from a critical lack of HTTPS due to an invalid SSL certificate, which significantly impacts its security posture. Privacy and cookie policies are comprehensive and GDPR compliant, reflecting a mature approach to data protection. Overall, while the business credibility and content quality are high, the security weaknesses pose a risk that should be addressed promptly to protect user data and enhance trust.

C

CPB Contractors

cpbcon.com.au

40

CPB Contractors is a well-established major contractor specializing in critical and complex infrastructure projects across Australia and New Zealand. The company operates as a subsidiary of the CIMIC Group and holds a leading market position in sectors such as transport, energy, and construction. Their website reflects a professional business model focused on large-scale infrastructure delivery, with key services including rail, tunneling, roads, water, and new energy projects. The target audience includes government agencies, industry partners, and prospective employees. Technically, the website is built on modern frameworks including Next.js and Material-UI, integrated with Sitecore CMS, and employs Google Analytics and Tag Manager for tracking. However, the site suffers from slow load times and lacks a valid SSL certificate, which critically impacts security and user trust. Mobile optimization and SEO are adequately addressed, but accessibility features are basic. From a security perspective, the absence of HTTPS and security headers represents a significant vulnerability. No explicit security policies or incident response contacts are published, and privacy compliance is limited despite the presence of a privacy policy. The site uses tracking technologies but lacks cookie consent mechanisms, indicating partial privacy compliance. Overall, the website is functional and professional but requires urgent security improvements, especially SSL implementation and enhanced privacy compliance, to reduce risk and improve trustworthiness.

G

GRAWE osiguranje a.d.o.

grawe.rs

40

GRAWE Srbija is a well-established insurance company operating in Serbia, offering a broad range of life and non-life insurance products including vehicle, property, and health-related insurance. The company is part of the larger GRAWE Group, which has a long tradition in the insurance sector. The website is professionally designed using TYPO3 CMS and integrates modern technologies such as Google Tag Manager and Cloudfront CDN. It provides clear navigation, comprehensive product information, and multiple contact channels including phone, email, and social media. Privacy and cookie policies are present and include consent mechanisms, indicating good compliance with GDPR requirements. However, the website suffers from a critical security issue: the SSL certificate is invalid or missing, resulting in HTTPS not being properly enabled. This significantly impacts the security posture and user trust. Security headers are well configured, but the lack of valid SSL and modern TLS protocols is a major vulnerability. No explicit security or incident response policies are published, and no vulnerability disclosure or security.txt files are found. Overall, the website is functional and credible but requires urgent remediation of SSL/TLS issues to improve security and trust.

P

Polytechnik Luft- und Feuerungstechnik GmbH

polytechnik.com

24

Polytechnik Luft- und Feuerungstechnik GmbH is a well-established Austrian company specializing in biomass energy technologies, with over 60 years of experience and a global footprint in 25 countries. The company offers advanced solutions for transforming biomass into CO2-neutral energy, including combustion, gasification, carbonization, and torrefaction technologies. Their market position is strong, supported by a medium-sized workforce and a comprehensive product portfolio. The website reflects a professional and content-rich digital presence, targeting industrial and energy sector clients seeking sustainable energy solutions. Technically, the website is built on WordPress with modern SEO and multilingual plugins, ensuring good accessibility and mobile optimization. However, performance metrics are lacking, and the absence of DNS A/AAAA records raises questions about hosting and domain resolution. The site uses common JavaScript libraries and cookie consent management tools, indicating a mature digital infrastructure. From a security perspective, the site suffers from a critical issue: the SSL certificate is invalid or missing, which undermines HTTPS security and user trust. Additionally, no DNS records are publicly visible, and security headers are minimal. While no major vulnerabilities are detected, the lack of a valid SSL certificate and absence of advanced security policies reduce the overall security posture. Overall, the website is credible and professional but requires urgent security improvements, especially regarding SSL/TLS configuration and DNS setup, to enhance trust and compliance. Privacy policies and cookie consent mechanisms are well implemented, supporting GDPR compliance. Strategic recommendations include obtaining a valid SSL certificate, improving DNS configurations, and publishing explicit security and incident response policies.

The website iq-mobile.at is a domain auction and brokerage platform operated by DomainProfi GmbH, specializing in reserved and premium domain names. It targets individuals and businesses seeking to acquire valuable domain assets through auctions and brokerage services. The platform offers multilingual support and a professional user interface, positioning itself as a niche player in the domain auction market. Technically, the site uses a standard web stack including nginx, Bootstrap, jQuery, and Font Awesome, but lacks a valid SSL/TLS certificate, which is a significant security shortfall. The absence of HTTPS undermines user trust and exposes the site to potential interception risks. Security headers are partially implemented, and cookies are set with secure attributes, but the lack of encryption is critical. Privacy compliance is basic, with a privacy policy and terms of service present but no cookie consent mechanism or explicit GDPR compliance indicators. Contact information is limited to an email address and contact forms, with no phone numbers or physical addresses disclosed. Overall, the site is functional and professionally presented but requires urgent security improvements to meet modern standards.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

G

GEA Group Aktiengesellschaft

gea.com

40

GEA Group Aktiengesellschaft is a leading global supplier of systems and components primarily serving the food, beverage, and pharmaceutical industries. Founded in 1881 and headquartered in Germany, GEA offers a comprehensive portfolio including machinery, plants, advanced process technology, components, and services. The company is publicly listed and recognized for its sustainability efforts, being part of major sustainability indices. Technically, the website is built on modern frameworks such as Next.js and hosted on Microsoft Azure, with a Sitecore CMS backend, providing a rich and well-structured user experience across multiple languages. However, the security posture is currently weak due to the absence of a valid SSL/TLS certificate and lack of HTTPS support, which poses significant risks to data integrity and user trust. Privacy and cookie policies are well implemented and GDPR compliant, reflecting a strong commitment to data protection. Overall, the website demonstrates high professionalism and business credibility but requires urgent improvements in its security infrastructure to align with best practices and protect its users.

M

Metso

metso.com

40

Metso is a global enterprise specializing in sustainable technologies and end-to-end solutions for aggregates production, mining, and metals refining industries. The company positions itself as a partner for positive change, focusing on improving energy and water efficiency, productivity, and reducing environmental risks. Their offerings include products, parts, services, and advanced digitalization solutions integrating AI and cloud technologies. The website reflects a mature digital presence with comprehensive business information, investor relations, and sustainability commitments. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, resulting in no HTTPS support, which poses significant risks to user data and trust. The site employs modern web technologies such as ASP.NET and Vue.js, and integrates analytics tools including Microsoft Application Insights and Hotjar, indicating a moderate level of digital maturity. Privacy and cookie policies are present with consent mechanisms, supporting GDPR compliance. Overall, the website is professional and trustworthy but requires urgent security improvements to enable HTTPS and strengthen its security posture.

Diagnosia.com is a healthcare-focused website offering a medical app designed to support doctors with medication information, dosage guidance, drug interaction alerts, and continuing education resources. The business is positioned as a trusted provider in the Austrian healthcare market, supported by its parent company APOVERLAG. The website uses a professional CMS (TYPO3) and modern frontend frameworks (Bootstrap), indicating moderate digital maturity. However, the site lacks a valid SSL certificate, resulting in no proper HTTPS support, which is a critical security flaw. Security headers are partially implemented but insufficient without HTTPS. Privacy compliance is basic, with no cookie consent mechanism detected, though a comprehensive privacy policy is linked. Contact information is clearly provided, enhancing business credibility. Overall, the site is functional and content-rich but requires urgent security improvements to protect user data and trust.

The website raiba.at currently serves a 404 error page indicating that the requested content is not found or unavailable. The domain is registered under Austrian jurisdiction with DNS hosted on Cloudflare and email services protected by Microsoft Outlook. The technical infrastructure is based on Microsoft IIS 10.0 and ASP.NET, but no CMS or modern web technologies are detected. The absence of a valid SSL certificate and HTTPS support severely impacts the security posture, exposing visitors to potential risks. No privacy, cookie, or terms of service policies are present, and no contact or business information is available on the site. Overall, the website lacks content and professional presentation, resulting in a low trust and credibility score.

P

PSI CRO

psi-cro.com

32

PSI CRO is a well-established global Contract Research Organization specializing in clinical trial management and patient enrollment across multiple therapeutic areas. The website presents a professional and comprehensive digital presence, targeting pharmaceutical and biotech companies. Technically, the site is built on WordPress with Elementor and uses modern web technologies, but it suffers from a critical security issue due to the absence of a valid SSL certificate, which undermines HTTPS security. Security headers are properly configured, but the lack of TLS support and valid certificates poses a significant risk. Privacy compliance is well addressed with clear privacy and cookie policies and a consent mechanism. Overall, the site is credible and trustworthy but requires urgent remediation of SSL/TLS issues to improve security posture and user trust.

K

Keller Limited

keller-uk.com

40

Keller Limited is a leading UK-based geotechnical specialist contractor providing expert services in piling, ground improvement, grouting, earth retention, and monitoring. The company holds a strong market position as a leader in the construction and infrastructure sectors, supported by multiple industry certifications and a clear parent company relationship with Keller Group. The website is professionally designed using Drupal 10, with good SEO, accessibility, and mobile optimization. However, the absence of an SSL certificate and HTTPS significantly impacts the security posture, exposing the site to potential risks. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and clear privacy and cookie policies. Contact information is clearly presented, including phone numbers and physical addresses, alongside active social media channels.

J

JATO Dynamics

jato.com

40

JATO Dynamics is a well-established global leader in automotive market research and business intelligence, providing comprehensive data and analytics solutions to the automotive industry. Their offerings include vehicle specifications, market analysis, integrated API solutions, and bespoke consultancy services. The website is professionally designed, content-rich, and targets automotive OEMs, retailers, leasing companies, and professional financial services. Technically, the site is built on HubSpot CMS with modern marketing and analytics tools, but suffers from poor SSL/TLS configuration, which is a critical security concern. Security headers are present but cannot compensate for the lack of a valid SSL certificate and TLS support. Privacy and cookie policies are comprehensive and GDPR compliant, though no explicit security or incident response policies are found. Overall, the website is trustworthy and credible but requires urgent remediation of its SSL and TLS security posture to protect users and maintain trust.

W

Webroot

webroot.com

40

Webroot, a subsidiary of Open Text Corporation, is a well-established cybersecurity company founded in 2004, providing multi-vector protection solutions for endpoints, networks, and identity protection. The company targets both home users and businesses, offering a broad portfolio of products including antivirus, identity protection, cloud backup, VPN, and threat intelligence services. The website reflects a mature enterprise with consistent branding, comprehensive content, and strong market positioning supported by industry awards and customer testimonials. Technically, the website is built on a Concrete5 CMS platform, leveraging Apache server technology, jQuery, Google Fonts, and is delivered via Imperva CDN. While the site is mobile-optimized and accessible with good SEO practices, performance data is limited and suggests moderate speed. The site uses modern marketing and analytics tools such as Google Tag Manager and Sitespect for tracking and optimization. From a security perspective, the site lacks a valid SSL certificate and does not support HTTPS or modern TLS protocols, which is a critical vulnerability exposing users to potential interception and attacks. Security headers are partially implemented but key protections like HSTS and OCSP stapling are missing. No explicit security policy or incident response information is provided, which could be improved to enhance trust and compliance. Overall, the website demonstrates high business credibility and content quality but suffers from significant security configuration issues that must be addressed to protect users and maintain compliance. Strategic improvements in SSL/TLS deployment and security best practices are recommended to elevate the security posture and user trust.

S

Simplity

simplity.eu

40

Simplity is a medium-sized consultancy specializing in data intelligence and customer analytics services, targeting companies of all sizes, particularly in e-commerce and financial services sectors. The company leverages a modern technical infrastructure including React, Gatsby, and Storyblok CMS, hosted on Cloudflare, and employs Google Tag Manager and Cookiebot for analytics and privacy compliance. While the website is professionally designed with excellent content quality and user experience, a critical security issue is the invalid SSL certificate, which undermines the security posture. Privacy and cookie policies are well implemented with consent mechanisms, but no direct contact emails or phone numbers are provided, relying on forms for communication. Overall, Simplity presents a credible and trustworthy business presence with room for security improvements.

I

IK Speditor - Transport & Logistics

ikspeditor.rs

26

Security assessment completed with an overall score of 0/100 (unknown risk). 4 critical issues require immediate attention. Total of 29 security findings identified across all modules.

Greiner AG is a well-established Austrian enterprise specializing in manufacturing plastic and foam solutions with a global market presence. The company operates through three main subsidiaries: Greiner Bio-One, Greiner Packaging, and NEVEON, serving diverse industries including packaging, medical technology, automotive, and furniture. The website reflects a professional and comprehensive digital presence with detailed business descriptions, press releases, and social media integration. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries, but suffers from a critical lack of HTTPS due to an invalid or missing SSL certificate, which significantly impacts its security posture. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. Overall, the site demonstrates strong business credibility but requires urgent security improvements to protect user data and enhance trust.

S

Simply Love LLC

simplylovefilms.com

40

Simply Love LLC operates a professional wedding cinematography business with a strong regional presence in Wisconsin and the Midwest, offering high-quality wedding films and related services. The website is built on Squarespace, featuring rich multimedia content and client testimonials that support its market position as a premier wedding videographer. However, the technical infrastructure shows critical security weaknesses, notably the absence of a valid SSL certificate, which undermines user trust and data security. Privacy compliance is minimal, lacking cookie consent mechanisms and comprehensive policies. Overall, the business demonstrates solid credibility and content quality but requires urgent improvements in security and privacy to meet modern standards.

W

Web Server's Default Page

uitservices.co.uk

24

The domain uitservices.co.uk currently hosts only a default Plesk web server page, indicating no active website or business presence. The page content is minimal, serving as a placeholder with links to Plesk resources and social media. There is no evidence of business operations, contact information, or customer engagement features. Technically, the site is served via nginx but lacks HTTPS support, security headers, and any modern web security best practices. The absence of SSL/TLS and security policies presents significant security risks and undermines user trust. Overall, the website is non-functional from a business or security perspective and requires substantial development and security improvements to be viable.

B

BAUR GmbH

baur.at

29

BAUR GmbH is a well-established Austrian company specializing in high-precision testing and measurement technology for electrical energy distribution systems, with a strong market position as a leader in cable fault location, cable testing, and insulating oil testing. The company operates internationally with multiple subsidiaries across Europe, the Americas, and Africa, offering products, services, and training to ensure reliable energy supply. Technically, the website is built on a modern JavaScript stack with RequireJS, jQuery, and various UI libraries, hosted on an Apache server. However, the primary domain baur.at lacks HTTPS, which is a significant security concern, although the main content is served securely on baur.eu. Security headers are partially implemented, but the absence of SSL/TLS and modern protocols reduces the security posture. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the website demonstrates good business credibility and technical maturity but requires urgent security improvements to protect user data and enhance trust.

A

acib GmbH

acib.at

35

acib GmbH is an international research center specializing in industrial biotechnology, focusing on sustainable and advanced processes for the biotech, pharmaceutical, and chemical industries. The website targets industry professionals, scientists, and the public, offering information about research projects, events, and career opportunities. The company maintains a moderate digital presence with a WordPress-based website enhanced by Elementor and several embedded multimedia services. However, the absence of a valid SSL certificate and HTTPS significantly undermines the site's security posture. While privacy compliance is well addressed through a comprehensive privacy policy and cookie consent mechanism, the lack of explicit security policies and incident response information indicates room for improvement in security governance. Overall, the site is professional and trustworthy but requires urgent security enhancements to protect user data and improve trust.

Pilz GmbH & Co. KG is a leading international provider of automation technology, specializing in components, systems, and services for safe automation. The company targets industrial automation customers, machine builders, and safety engineers with a comprehensive portfolio including products, consulting, training, and support. The website reflects a professional and consistent brand presence with detailed content tailored to its B2B audience in the manufacturing and technology sectors. Technically, the site uses Imperia CMS with JavaScript frameworks and integrates marketing and analytics tools such as Google Tag Manager, Cookiebot, and Etracker. However, the absence of a valid SSL certificate and lack of TLS support significantly weaken the security posture. Security headers are well configured, and privacy compliance is strong with GDPR-aligned cookie consent mechanisms. Overall, the website is trustworthy and professionally maintained but requires urgent SSL/TLS remediation to improve security and user trust.

L

Ledinek Engineering d.o.o.

ledinek.com

37

Ledinek Engineering d.o.o. is a Slovenia-based manufacturing company specializing in solid wood processing machinery and turnkey solutions for engineered wood products. The company holds a strong global market position with representatives in 25 countries and a broad client base exceeding 1395 customers. Their key offerings include planing profiling machines, finger jointing lines, engineered timber production lines, and automation solutions tailored for the woodworking industry. The website reflects a professional B2B business model targeting industrial clients and woodworking professionals worldwide. Technically, the website is built on an nginx server with Laravel backend and uses jQuery and Google Fonts for frontend enhancements. However, the site lacks a valid SSL certificate, serving content over HTTP only, which is a critical security shortfall. Security headers are minimal, and no advanced security policies or incident response information is publicly available. Privacy compliance is well addressed with clear privacy and cookie policies and a consent mechanism. Overall, the website is content-rich and professionally designed but requires urgent security improvements to protect user data and enhance trust.

P

PwC Legal Rechtsanwälte GmbH

pwclegal.at

40

PwC Legal Österreich operates as a leading legal advisory firm in Austria, leveraging the global PwC network to provide comprehensive legal services across multiple sectors including corporate governance, compliance, data protection, and emerging technologies such as AI and blockchain. The website is professionally designed, targeting business clients in Austria with content primarily in German. Technically, the site uses modern JavaScript frameworks and Adobe Experience Manager CMS, but suffers from critical SSL/TLS misconfigurations that undermine its security posture. Despite strong branding and privacy compliance mechanisms like OneTrust cookie consent, the lack of HTTPS and valid certificates is a major security concern. Overall, the site is credible and trustworthy but requires urgent security improvements.

B

Bona AB

bona.com

38

Bona AB is a well-established family-owned company founded in 1919, specializing in manufacturing and distributing premium floor installation, renovation, and maintenance products globally. The company operates in over 90 countries with a strong focus on sustainability and product quality. Their website targets professional installers, homeowners, and distributors, offering comprehensive product lines and training. Technically, the website uses modern JavaScript frameworks (React), integrates multiple analytics and marketing tools, and is hosted behind Cloudflare. However, a critical security gap exists as the site lacks a valid SSL certificate and HTTPS support, exposing users to potential risks. Privacy compliance is strong with clear policies and cookie consent mechanisms. Business credibility is high with transparent contact information and consistent branding. Overall, the site is professional but requires urgent security improvements.

J

Just a moment...

reactivereality.com

30

The website reactivereality.com is currently inaccessible due to a Cloudflare security challenge page that blocks access to actual content. The site lacks a valid SSL/TLS certificate, serving content over HTTP only, which severely impacts its security posture. No business or contact information, privacy policies, or terms of service are available for review. The technical infrastructure relies on Cloudflare for DNS and security, but the absence of HTTPS and modern TLS protocols is a critical vulnerability. Overall, the site is not accessible for meaningful content or business analysis, resulting in a low trust and security score.

N

Nowy Styl sp. z o.o.

nowystylgroup.com

30

Nowy Styl Group is a well-established manufacturer and supplier of office furniture and seating solutions, operating primarily in the manufacturing sector with a strong emphasis on sustainability and ergonomic design. The company targets businesses and organizations seeking comprehensive workplace furniture solutions, offering a broad product range including chairs, desks, tables, storage, and panels. The website reflects a mature and professional business with consistent branding and high-quality content. Technically, the website uses modern frameworks such as ASP.NET Core and Cloudflare for hosting and CDN services, with advanced UI components like Swiper.js and Google Tag Manager for analytics. However, the absence of a valid SSL certificate and lack of enabled TLS protocols represent critical security vulnerabilities that undermine the site's security posture. Privacy policies are comprehensive and GDPR compliant, and contact information is clearly presented across multiple channels. Overall, the website is professional and trustworthy but requires urgent security improvements to protect user data and enhance trust.

V

VCC USA

vccusa.com

20

VCC USA is a well-established general contractor and construction management company operating nationally in the United States. With a mature domain and over 38 years of industry experience, VCC offers a broad range of construction services across multiple sectors including hospitality, healthcare, retail, multifamily, and institutional projects. The website reflects a professional and comprehensive business presence with strong branding and clear service offerings. Technically, the site is built on WordPress with common plugins and libraries, but suffers from a critical lack of HTTPS/SSL, which severely impacts its security posture. The absence of modern TLS protocols and security headers further weakens its defense against common web threats. Privacy compliance is addressed with a privacy policy and cookie consent mechanism, though terms of service and incident response policies are not evident. Social media integration and an ethics hotline demonstrate a commitment to transparency and ethical business practices. Overall, while the business credibility and content quality are high, the security deficiencies present a significant risk that should be remediated promptly.

I

Intersport

intersportnet.com

40

Intersport is a marketing and experiential marketing agency focused on bridging the gap between marketing campaigns and consumers to help brands create meaningful connections. The company targets brands seeking partnership consulting, platform development, experiential marketing, hospitality, and content creation services. The website is built on WordPress with a modern plugin stack including Yoast SEO, Essential Grid, and Contact Form 7, and integrates Google Analytics and Google Tag Manager for analytics and tracking. The site is mobile optimized and presents a professional design with clear navigation and social media presence. However, the lack of a valid SSL certificate and HTTPS support is a critical security shortfall, exposing users to potential risks. Privacy and cookie policies are present with a consent mechanism, but GDPR compliance is not fully evident. Contact information is comprehensive, including emails, phone numbers, and physical addresses. WHOIS data is consistent with the business claims, supporting legitimacy. Overall, the site demonstrates good business credibility and technical implementation but requires urgent security improvements.

D

DBConcepts

dbconcepts.at

29

DBConcepts GmbH is a well-established Austrian IT company specializing in database technologies such as Oracle, PostgreSQL, and MSSQL, offering managed services, middleware infrastructure, and custom software development. The company positions itself as a trusted partner with over 25 years of experience and recognized certifications, including Oracle Specialized Partner status. Their website reflects a professional and comprehensive digital presence targeting businesses requiring high-availability database solutions and IT asset management. Technically, the site is built on WordPress with modern plugins and SEO tools, providing good user experience and mobile optimization. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate and HTTPS support, which significantly impacts the site's security posture. Privacy compliance is well addressed with a cookie consent mechanism and a comprehensive privacy policy. Overall, the business credibility and content quality are high, but urgent improvements in security infrastructure are recommended.

F

Frauscher Sensor Technology USA Inc.

frauscher.com

40

Frauscher Sensor Technology USA Inc. is a leading provider of highly reliable train detection and wayside object control solutions, serving rail operators and system integrators globally. The company offers a comprehensive portfolio including hardware components like wheel sensors and axle counters, software solutions, and smart life cycle services. With a strong market position and a global footprint, Frauscher is recognized for its innovation and quality in the transportation sector. Technically, the website is built on modern frameworks such as Nuxt.js and uses Storyblok CMS, hosted on AWS CloudFront. The site is well-optimized for mobile and SEO, with good accessibility features. However, performance is moderate and could be improved. From a security perspective, the site employs several security headers and has a proactive PSIRT program. However, the SSL certificate is currently invalid, which is a critical issue that impacts the overall security posture. Other security best practices are in place, but improvements in SSL configuration and CSP are recommended. Overall, the website presents a professional and trustworthy image, with comprehensive privacy and cookie policies in place. The domain registration is consistent with the business claims, enhancing credibility. Strategic recommendations include fixing SSL issues, enhancing security headers, and maintaining strong privacy compliance to further strengthen trust and security.

M

Moalach

moalach.at

25

Moalach is a small consultancy firm specializing in online marketing and data protection services tailored for the tourism sector in Austria, particularly the Tirol region. Founded in 2016 by Dominik Neuner, the company leverages deep industry experience and academic involvement to provide practical and strategic digital marketing solutions to small and medium-sized tourism businesses. The website presents a professional image with clear service offerings and client references, targeting tourism operators and destinations seeking digital transformation and compliance support. Technically, the website employs standard web technologies including Matomo analytics for user tracking, but lacks modern security implementations such as HTTPS and security headers. The site suffers from slow load times and does not implement cookie consent mechanisms, which may impact user trust and regulatory compliance. Hosting is provided by kasserver.com, and the domain registration aligns well with the business profile. From a security perspective, the absence of a valid SSL certificate and HTTPS support is a critical vulnerability, exposing users to potential data interception. The lack of security headers and session management features further weakens the site's security posture. Privacy compliance is partially addressed with a privacy policy present, but cookie consent and detailed data retention disclosures are missing. Overall, while the business model and content quality are solid and relevant to its niche, the technical and security shortcomings present risks that should be addressed promptly to enhance trust, compliance, and user experience.