Security Directory

S

Sensorbis GmbH

sensorbis.com

18

Sensorbis GmbH operates a cloud-based telemetry data management platform focused on Internet of Things (IoT) devices and sensors. The company provides subscription services enabling users to acquire, store, visualize, and export telemetry data with real-time charts, maps, and alert notifications. Their target audience includes IoT device operators, industrial machinery managers, and fleet tracking services. The business model centers on SaaS subscriptions with API and web interface management capabilities. The website content is professionally presented with consistent branding and relevant business descriptions, positioning Sensorbis as a niche player in the IoT telemetry cloud market. Technically, the website is built on ASP.NET WebForms with jQuery and Bootstrap, indicating a mature but somewhat dated technology stack. Performance is moderate to slow with a page load time exceeding 5 seconds and a large page size. Mobile optimization and accessibility are basic but functional. The site includes cookie consent mechanisms and privacy policy documentation, though GDPR compliance is not explicitly confirmed. Analytics tracking is present but disabled. From a security perspective, the site suffers from critical issues including the absence of a valid SSL certificate, missing DNS records, and lack of security headers. HTTPS is enforced in the application logic but without a valid certificate, exposing users to risks. No advanced security policies or incident response contacts are published. These vulnerabilities significantly reduce the security posture and trustworthiness of the site. Overall, Sensorbis GmbH presents a credible small technology company with a focused IoT telemetry service offering. However, critical security improvements are necessary to protect user data and enhance trust. Addressing SSL and DNS issues should be prioritized to improve the security score and user confidence.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

A

Ankerbrot Holding GmbH

linauer.at

33

Linauer.at is a transitional website for the Linauer bakery brand, which is being integrated into the Ankerbrot Holding GmbH group, a well-established bakery company in Austria. The site primarily serves as a redirect landing page to the main Ankerbrot website, indicating a brand consolidation. The business operates in the retail bakery sector targeting consumers in Austria. The website content is minimal, focusing on brand transition with a video and countdown redirect. Technical infrastructure includes JavaScript libraries such as jQuery and RequireJS, hosted on ip.co.at nameservers. However, the site lacks HTTPS, which is a critical security deficiency. No security headers or cookie consent mechanisms are implemented, and performance is slow with a large page size and long load time. The WHOIS data confirms domain legitimacy and consistency with the business claims. Overall, the site demonstrates basic digital maturity but requires significant security and privacy improvements.

G

Gentics Software GmbH

gentics.com

37

Gentics Software GmbH is a medium-sized technology company based in Austria specializing in enterprise content management solutions, e-government digital services, and customized software applications. Their website presents a professional and consistent brand image targeting enterprises and government agencies seeking digital transformation and content management platforms. The company offers a range of products including the Gentics Content Management Platform and related extensions. Technically, the website uses modern frameworks such as Bootstrap 5 and implements a GDPR-compliant cookie consent mechanism with opt-in functionality. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security shortfall. Performance is moderate with acceptable load times and resource counts, and the site is mobile optimized with basic accessibility features. From a security perspective, the absence of HTTPS and security headers significantly lowers the security posture. No incident response or security policy information is publicly available, and no contact information is provided on the site, which may impact user trust and compliance. DNS records show standard email protection via SPF but lack DNSSEC and CAA records. WHOIS data is consistent and supports the legitimacy of the domain and business. Overall, while the business and content quality are good, the lack of HTTPS and security best practices present a significant risk. Strategic improvements in SSL deployment, security headers, and contact transparency are recommended to enhance trust and compliance.

C

Cosma

cosma.com

39

Cosma, a division of Magna International Inc., is a global provider of body, chassis, and engineering solutions primarily serving the automotive industry. The company leverages robust product engineering, tooling capabilities, and process expertise to deliver lightweight and innovative products to its customers worldwide. Positioned as a key group within a large multinational, Cosma targets automotive manufacturers and industry partners with a B2B business model focused on manufacturing and engineering services. Technically, the website is built on the Sitefinity CMS platform and utilizes modern JavaScript libraries such as jQuery, Google Tag Manager, and CookiePro for analytics and consent management. The site demonstrates good SEO, accessibility, and mobile optimization practices, with comprehensive privacy and cookie policies in place. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the site's security posture. From a security perspective, while the site implements strong content security policies and several security headers, the lack of HTTPS and TLS protocols is a critical vulnerability. This exposes users to potential data interception and undermines trust. No incident response or security policy information is publicly available, and no vulnerability disclosure or security.txt files were found. Overall, the website presents a professional and trustworthy business front with strong content and compliance practices but requires urgent remediation of its SSL/TLS configuration to meet modern security standards and protect user data effectively.

Teaching 2 Inspire is a small UK-based educational resource website focused on providing teaching tips, parenting advice, assemblies, and free materials to educators and parents. The website content is basic and somewhat dated, with a clear focus on inspirational teaching and learning practices. The technical infrastructure relies on nginx and ASP.NET, with Google Tag Manager used for analytics. However, the website lacks modern security measures, notably missing HTTPS and a valid SSL certificate, which poses significant risks to user data and trust. Privacy compliance is minimal, with no visible privacy or cookie policies, and no consent mechanisms for tracking. Overall, the website's security posture is weak, and the technical implementation is basic, limiting its professionalism and trustworthiness.

The domain apler.at currently hosts a minimal placeholder website indicating that the domain is not assigned to any webspace. There is no business content, no contact information, and no privacy or cookie policies present. The website is served over HTTP without SSL/TLS encryption, which is a significant security concern. The hosting provider is kasserver.com, and the server runs Apache. The lack of HTTPS and security headers exposes the site to potential risks and reduces user trust. Overall, the website is inactive and does not present any business or security maturity.

T

Trigon Entwicklungsberatung

trigon.at

20

Trigon Entwicklungsberatung is a well-established consulting firm specializing in organizational development, leadership, strategy, coaching, mediation, and innovation services primarily serving clients in Austria, Germany, and Switzerland. With over 40 years of experience and a team of 40+ consultants, the company holds a strong market position in the German-speaking consulting sector. Their website is professionally designed, content-rich, and targets organizational leaders and teams seeking transformational support. Technically, the site is built on WordPress with common plugins for SEO, multilingual support, and cookie management, but suffers from critical security shortcomings including the absence of a valid SSL certificate and HTTPS support. This significantly impacts the security posture and user trust. Privacy policies are comprehensive and GDPR compliant, and contact information is clearly provided via email and forms. Social media presence on LinkedIn and Facebook supports brand trust and outreach.

K

Knorr-Bremse AG

knorr-bremse.com

40

Knorr-Bremse AG is a global leader in manufacturing braking systems and safety-critical sub-systems for rail and commercial vehicles. With a history spanning over 28 years, the company holds a strong market position as an innovator in mobility and transport technologies. Their business model focuses on delivering advanced braking and safety solutions, complemented by comprehensive investor relations and career development programs. Technically, the website is built on a modern Angular framework, hosted on Nginx and Amazon CloudFront, with good SEO and accessibility features. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, resulting in no HTTPS support, which significantly impacts the security posture. The site implements strong security headers and content policies but lacks advanced SSL configurations and session management. Privacy compliance is well addressed with comprehensive policies and consent mechanisms. Overall, the website is professional and trustworthy but requires urgent SSL deployment to enhance security and user trust.

The website gtechlottery.com currently serves as a simple redirect page directing visitors to a domain purchase platform at v2.sav.com. There is no active business content, no privacy or cookie policies, and no contact information available. The domain is registered and not vulnerable to subdomain takeover, but the lack of SSL/TLS certificate and HTTPS support significantly reduces its security posture and trustworthiness. Technically, the site is minimal, served by nginx, with no modern security or performance optimizations. Overall, the site appears to be parked or held for sale rather than representing an active business or service.

G

granITIC

granitic.eu

26

granITIC is a small IT consulting and software development company specializing in software architecture, Oracle and Java development, and medical office software solutions. The company targets sectors such as healthcare, production, industry, trade, aeronautical, and lottery. The website presents basic information about the business and its services but lacks detailed contact information and advanced content features. Technically, the website is hosted on an Apache server running Ubuntu, with Google Analytics integrated for visitor tracking. However, the site lacks HTTPS support, has no valid SSL certificate, and does not implement modern security headers or privacy compliance mechanisms. Performance data is unavailable, but the site appears minimal and slow, with poor mobile optimization and accessibility. From a security perspective, the absence of HTTPS and security headers represents a critical vulnerability, exposing users to potential data interception and undermining trust. The lack of privacy and cookie policies further indicates non-compliance with GDPR and related regulations. DNS and SPF records are properly configured, reducing email spoofing risks. Overall, the website's risk profile is elevated due to missing fundamental security controls and privacy compliance. Strategic improvements in SSL implementation, security headers, and privacy policies are essential to enhance trustworthiness and regulatory adherence.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

R

Raiffeisen Bank International

cashpresso.com

40

Cashpresso is a financial service platform provided by Raiffeisen Bank International AG, offering flexible credit and payment solutions such as installment payments and purchase on account. The website targets private and business customers primarily in Austria, providing a digital-first experience with quick online registration and management via mobile apps. The platform is well integrated with multiple partner shops and maintains a strong brand presence supported by awards and customer ratings. Technically, the site uses modern frameworks and Adobe Experience Manager CMS but suffers from slow load times and lacks a valid SSL certificate, which is a critical security concern. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the business appears legitimate and trustworthy, but the security posture requires urgent improvement to protect user data and maintain trust.

E

Erste Digital GmbH

s-itsolutions.com

39

Erste Digital GmbH is the digital and IT services arm of Erste Group, the largest banking group in Central and Eastern Europe. The company focuses on delivering best-in-class IT solutions and digital transformation services to banking entities across the region, supporting both operational and innovation activities. The website reflects a professional and modern digital presence with rich content describing the business and its mission to enhance financial health for millions of customers. Technically, the site uses modern web technologies including JavaScript modules, service workers, and ElasticSearch for search functionality, hosted behind Amazon CloudFront CDN for performance and reliability. However, a critical security gap exists as the site lacks a valid SSL/TLS certificate and does not serve content over HTTPS, which significantly impacts the security posture and trustworthiness. Privacy and cookie policies are present and appear comprehensive, indicating good compliance with GDPR requirements. Contact information such as emails and phone numbers are not explicitly provided on the homepage, which may affect user engagement. Overall, the site demonstrates strong business credibility and technical maturity but requires urgent security improvements to enable HTTPS and strengthen its security framework.

W

weXelerate GmbH

wexelerate.com

28

weXelerate GmbH operates Austria's leading innovation ecosystem, founded in 2017 by Austrian corporates to foster innovation through a combination of physical hub space, ecosystem collaboration, and accelerator programs. The company targets innovative startups and corporates seeking to accelerate their innovation capabilities. The website is professionally designed using WordPress and Elementor, with strong SEO practices including structured data and Open Graph metadata. However, the site lacks HTTPS, which is a critical security vulnerability. Contact information and social media presence are clearly provided, supporting business credibility. The absence of a cookie consent mechanism and security headers indicates gaps in privacy compliance and security posture. Overall, the business is legitimate and well-positioned in its market, but technical and security improvements are needed to enhance trust and compliance.

Caverion Corporation is a leading northern European technical services and installation company specializing in building performance, infrastructure, and industrial site solutions. The company offers a broad range of services including automation, project management, energy solutions, and critical infrastructure support. It operates as part of the Assemblin Caverion Group, reflecting a strong market position in the energy and technical services sector. The website targets businesses and organizations seeking smart and sustainable built environment solutions. Technically, the site uses modern web technologies such as ASP.NET, Bootstrap, and Azure hosting with Cloudflare CDN. It employs multiple analytics and marketing tools, indicating a mature digital presence. However, the security posture is weakened by an invalid SSL certificate and lack of TLS protocol support, which is a critical vulnerability. Privacy and cookie policies are present and GDPR compliant, but no explicit security policy or incident response information is found. Overall, the website is professional and trustworthy but requires urgent SSL/TLS remediation to ensure secure communications.

C

CHONGQING JIANGJI DISTILLERY CO., LTD.

jiangjidistillery.com

30

Jiangji Distillery is a Chinese company specializing in the production and promotion of traditional Chinese baijiu and plum liqueur. The website presents a well-structured brand presence with detailed product categories, educational content about baijiu, and a focus on cultural heritage. The business targets consumers interested in authentic Chinese spirits and related cultural experiences. Technically, the website is built on WordPress with common plugins and uses Cloudflare as a CDN, but lacks a valid SSL certificate, which is a significant security concern. The site includes standard contact forms and social media integration, enhancing user engagement and brand reach. Security posture is weak due to missing HTTPS and incomplete security headers, while privacy compliance is minimal with only a basic privacy policy mention and no cookie consent mechanism. Overall, the website is functional and professional but requires urgent improvements in security and privacy compliance to build trust and protect users.

B

Brenntag

brenntag.com

40

Brenntag is a global enterprise specializing in chemical distribution, logistics, and value-added services tailored to customer needs. The website serves as a multilingual portal with a splash page for country and language selection, indicating a broad international presence. The technical infrastructure leverages modern JavaScript frameworks such as Nuxt.js and integrates with Google Tag Manager and OneTrust for analytics and cookie consent management. However, the site lacks a valid SSL certificate, which significantly impacts its security posture. No explicit privacy policy, terms of service, or contact information are readily available on the splash page, which may affect user trust and compliance. Overall, Brenntag's website reflects a professional business with good design and user experience but requires improvements in security and privacy compliance to enhance trust and regulatory adherence.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 13 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

O

Otto Austria Group GmbH

unito.at

26

Otto Austria Group GmbH is a major Austrian e-commerce retailer operating multiple online shops across Austria and Switzerland. The company is part of the larger Otto Group and offers a broad range of products including living, lifestyle, fashion, and technology. The website presents professional content with strong branding and clear navigation targeting online shoppers and potential employees. Technically, the site is built on WordPress with Elementor and uses modern web technologies but lacks a valid SSL certificate, resulting in no HTTPS support. This is a critical security gap. The site complies well with GDPR and cookie consent requirements, showing a mature privacy posture. However, the absence of HTTPS and modern TLS protocols significantly weakens the security posture. Overall, the business is credible and trustworthy, but the technical security implementation requires urgent improvement to protect user data and enhance trust.

E

Eversheds Sutherland

eversheds.at

40

Eversheds Sutherland is a global law firm with a strong presence in Austria, offering a wide range of legal services across multiple sectors including banking, energy, technology, and real estate. The firm positions itself as a responsible business focused on helping clients, people, and communities to thrive. The website reflects a mature digital presence with comprehensive content, professional design, and clear navigation tailored to business clients seeking legal expertise. Technically, the site is built on a modern stack including React and Sitecore CMS, hosted on Microsoft Azure, and integrates various analytics and marketing tools. However, performance is currently slow, and there is room for improvement in SSL/TLS configuration and security hardening. Security posture is a concern due to the invalid SSL certificate and lack of enabled TLS protocols, which exposes users to risks and undermines trust. Despite strong security headers and content security policies, the absence of proper HTTPS implementation is a critical vulnerability. Overall, the site is professional and trustworthy from a business perspective but requires urgent security improvements to protect user data and maintain compliance. Strategic recommendations include fixing SSL issues, enabling modern TLS, and enhancing session security to align with best practices.

F

Florida Association of Insurance Agents

faia.com

38

The Florida Association of Insurance Agents (FAIA) operates as a non-profit membership organization dedicated to supporting Florida insurance agents through education, advocacy, and industry services. The website reflects a mature association with a broad offering of educational programs, advocacy resources, membership benefits, and preferred provider partnerships. The target audience is primarily insurance agents and agencies within Florida, with a focus on professional development and market access. The business model centers on membership dues, educational offerings, and partnerships with service providers. Technically, the website is built on Microsoft IIS with ASP.NET and Kentico CMS, utilizing common JavaScript libraries such as jQuery and Bootstrap. While the site is content-rich and professionally designed with clear navigation, it lacks a valid SSL certificate, which is a critical security deficiency. The absence of HTTPS undermines user trust and exposes visitors to potential risks. Privacy compliance is partial, with a privacy policy and terms of service present but no cookie consent mechanism. Analytics tools like Google Analytics and Microsoft Clarity are used, indicating moderate user tracking. Overall, the website is functional and credible but requires urgent security improvements to align with best practices.

S

Sigma Phi Epsilon Fraternity

sigep.org

40

Sigma Phi Epsilon is a well-established national fraternity organization focused on building balanced men through leadership, brotherhood, and educational programs. The website serves a large audience including undergraduate members, alumni, and volunteers, providing resources such as scholarships, leadership development, and community engagement. The organization maintains a consistent brand and professional online presence with clear navigation and relevant content. Technically, the site is built on WordPress with modern plugins and hosted on WP Engine via Google Cloud infrastructure. However, the site currently lacks a valid SSL certificate and proper HTTPS configuration, which is a critical security concern. Tracking technologies such as Google Analytics and Facebook Pixel are used extensively, but no cookie consent mechanism is implemented, indicating partial privacy compliance. Contact information and physical address are clearly provided, enhancing business credibility. Overall, the site is functional and professional but requires urgent security improvements to protect user data and comply with best practices.

Z

Zahnarztpraxis Dr. Christian Pastor

zahnarzt-pastor.de

21

Zahnarztpraxis Dr. Christian Pastor is a small, local dental and oral surgery practice based in Beilstein, Germany. The website presents a professional image with a comprehensive range of dental services including prophylaxis, implantology, oral surgery, and aesthetic dentistry. The practice emphasizes patient-centered care and modern technology. Technically, the website is built using modern frameworks such as Nuxt.js and Vue.js, hosted by agenturserver.de, and includes cookie consent mechanisms and Google Tag Manager for analytics. However, the site lacks HTTPS encryption, which is a critical security flaw. Security headers are minimal, and no advanced security policies or incident response information is provided. The WHOIS data is consistent with the business claims, supporting legitimacy. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

Canon Austria operates as a leading provider of digital imaging and printing products in Austria, offering a wide range of cameras, lenses, printers, and professional video solutions for both consumer and business markets. The website reflects a strong market position with comprehensive product offerings and professional services, supported by a consistent and well-branded digital presence. Technically, the site leverages modern web technologies and integrates multiple third-party platforms for marketing, analytics, and customer engagement, indicating a mature digital infrastructure. However, a critical security weakness is the absence of a valid SSL certificate and lack of HTTPS support, which significantly undermines the security posture despite the presence of robust security headers and policies. Privacy compliance is well addressed with clear privacy and cookie policies aligned with GDPR requirements. Overall, the site is professional and trustworthy but requires urgent remediation of SSL/TLS issues to ensure secure user interactions and maintain trust.

A

APG

apg.nl

40

APG is a large Dutch pension fund service provider specializing in pension administration, asset management, and advisory services. The website is content-rich, professionally designed, and targets pension participants and institutional investors. The technical infrastructure includes Cloudflare hosting, Umbraco CMS, and multiple marketing and analytics tools such as Google Tag Manager and Cookiebot. However, a critical security issue is the absence of a valid SSL certificate and enabled TLS protocols, which severely impacts the security posture. Security headers are well implemented, but the lack of HTTPS reduces trust and security. Privacy compliance is strong with clear privacy and cookie policies and consent mechanisms. Contact information is primarily via web forms, with no explicit emails or phone numbers found. Social media presence is active on LinkedIn, Facebook, and Instagram. Overall, the website is professional and trustworthy but requires urgent SSL/TLS configuration improvements to enhance security and user trust.

Sulzer Ltd is a globally recognized leader in fluid engineering, specializing in the manufacturing and servicing of pumps, agitators, mixers, separation, and purification technologies. The company serves essential industries such as energy, manufacturing, and process industries, positioning itself as a key player in enabling sustainable and efficient industrial operations worldwide. Their website reflects a mature enterprise with comprehensive product and service offerings, strong branding, and a clear focus on sustainability and innovation. Technically, the website employs a modern technology stack including Apache server, Vue.js framework, and integrates multiple third-party analytics and marketing tools such as Google Analytics, Pardot, and Hotjar. The site is hosted with Azure DNS and demonstrates good SEO and mobile optimization practices. However, performance metrics are not explicitly available. From a security perspective, while the site implements several important security headers and content security policies, it critically lacks a valid SSL/TLS certificate and does not support HTTPS, which severely undermines its security posture. This exposes users to potential risks and reduces trustworthiness. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms, aligning with GDPR requirements. Overall, the website is professional and credible but requires urgent remediation of its SSL/TLS configuration to ensure secure communications and improve its security score. Strategic recommendations include immediate SSL certificate installation, enabling modern TLS protocols, and enhancing security header configurations to protect users and maintain trust.

L

Lab42 Games

lab42.games

36

Lab42 Games is a UK-based medium-sized game development company specializing in cross-platform game development and co-development services. As part of the Sumo Group Ltd, it benefits from strong industry partnerships and a veteran management team. The website presents a professional image with clear business information, multiple industry awards, and a focus on recruitment and service offerings. Technically, the site uses OrchardCore CMS and jQuery, hosted on Microsoft IIS, but suffers from critical security shortcomings including lack of HTTPS and valid SSL certificates. Privacy and cookie policies are present, but GDPR compliance indicators are limited. The security posture is weak due to missing SSL, DMARC, DNSSEC, and incident response information. Overall, the site is functional and informative but requires urgent security improvements to protect users and enhance trust.

Diamond Aircraft Industries is a leading manufacturer in the General Aviation sector, specializing in the production of safe and efficient single and twin piston aircraft. The company offers a comprehensive range of products and services including aircraft manufacturing, flight school solutions, special mission aircraft, engine manufacturing through Austro Engine, and pilot and maintenance training. Their global presence is supported by a professional website built on TYPO3 CMS and hosted behind Cloudflare DNS services. The website demonstrates strong digital maturity with good design, navigation, and privacy compliance through the use of a consent management platform. However, a critical security gap exists as the site lacks a valid SSL/TLS certificate, serving content over HTTP only, which significantly impacts the security posture. No explicit security or incident response policies are publicly available. Overall, the domain registration is consistent and trustworthy, aligning with the company's business claims.

T

The Jodel Venture GmbH

jodel-app.com

40

Jodel is a technology company operating a hyperlocal community social app designed to connect users instantly with people around them, primarily targeting young professionals and students (Gen Z and Y). The platform offers local tips, news, stories, and a tailored advertising service for brands, HR campaigns, and market research. The website is built on WordPress using Elementor and Elementor Pro, hosted behind Cloudflare CDN. Despite a professional design and good content quality, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security concern. Cookie consent is managed via Cookiebot, indicating good privacy compliance practices. However, no explicit contact information or security policies are found on the homepage, limiting direct user engagement and incident response readiness.

K

ktchng

ktchng.com

39

ktchng is a small Austrian-based technology and e-commerce company offering an augmented reality mobile app that enables users to scan products and environments to receive trend information, community content, and sales offers. The platform integrates a token reward system (KTC) that users can earn and redeem in the ktchng webshop and partner stores. The website is professionally designed with good content quality and consistent branding, targeting consumers interested in AR and digital shopping experiences. Technically, the site uses PHP backend with nginx, Amazon AWS hosting, CloudFront CDN, and integrates monitoring and analytics tools such as New Relic, Google Analytics, and Facebook Pixel. However, the site lacks a valid SSL certificate and proper HTTPS configuration, which is a critical security vulnerability. Privacy and cookie policies are present and GDPR compliant, with a cookie consent mechanism implemented. Contact information is clearly provided, including emails and phone numbers. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

Broadcom Inc. is a global leader in technology, specializing in semiconductor products, enterprise software, and security solutions. The website reflects a professional and consistent brand presence targeting enterprise customers and technology professionals. The technical infrastructure leverages modern web technologies such as React and Cloudflare CDN, with extensive use of third-party marketing and analytics tools to support business operations and user engagement. However, the website currently suffers from a critical security shortfall due to the absence of a valid SSL certificate and lack of TLS protocol support, which significantly impacts its security posture. While security headers are well configured, the lack of HTTPS undermines user trust and data protection. Privacy compliance is basic, with a cookie consent mechanism present but no visible privacy policy or terms of service. Overall, the site demonstrates good business credibility but requires urgent security improvements to align with best practices.

D

DIETZEL GmbH

dietzel-univolt.com

28

Dietzel Univolt is a medium-sized, independent family-owned manufacturing and distribution company specializing in electrical installation materials and related civil engineering products. With production facilities in Austria, Slovakia, and China, the company serves professional customers internationally, including regional subsidiaries in the UK and Hungary. The website reflects a professional and consistent brand presence with comprehensive product and service information, supporting a strong market position in manufacturing. Technically, the site uses a modern CMS and common web technologies but suffers from critical security shortcomings due to the lack of a valid SSL certificate and HTTPS support, which exposes users to risks. Privacy compliance is well addressed with clear cookie consent and privacy policies, aligning with GDPR requirements. Overall, the site is functional and trustworthy but requires urgent security improvements to protect user data and enhance trust.

K

KremsChem Austria

metadynea.com

24

KremsChem Austria is a well-established chemical manufacturing company specializing in adhesives, resins, fine chemicals, and flame retardants. The company holds a strong regional market position in Austria and emphasizes sustainability and innovation. Their website reflects a professional and comprehensive digital presence, leveraging TYPO3 CMS and modern web technologies. However, the lack of a valid SSL certificate and HTTPS support is a critical security shortfall that undermines user trust and data protection. The site includes GDPR-compliant cookie consent mechanisms and active social media engagement, but lacks explicit published security or incident response policies. Overall, the business appears credible and mature, but urgent improvements in security infrastructure are recommended.

D

dm Slovensko

dm-drogeriemarkt.sk

40

dm Slovensko operates a well-branded online drugstore e-commerce platform targeting Slovak consumers with a broad range of personal care and health products. The website leverages a modern JavaScript and CSS technology stack with integrations from multiple third-party services for analytics, marketing, and user consent management. The technical infrastructure is hosted on Google Cloud, indicating a scalable and reliable hosting environment. However, the website currently lacks a valid SSL/TLS certificate, resulting in no HTTPS availability, which is a critical security concern. Security headers are mostly well implemented, but the disabled X-XSS-Protection header and malformed DNS CAA records indicate areas for improvement. Privacy and cookie policies are not detected in the provided content, representing a compliance gap with GDPR and related regulations. Overall, the website is functional and professionally designed but requires urgent security and compliance enhancements to protect user data and build trust.

R

REICHLUNDPARTNER Werbeagentur

reichlundpartner.com

38

REICHLUNDPARTNER Werbeagentur is a well-established, large full-service advertising agency based in Austria with offices in Linz, Vienna, and Graz. The company offers a broad range of marketing and communication services including advertising, digital marketing, media planning, public relations, social media, event management, and innovative business model development through its Future Thinking division. The agency holds a strong market position supported by numerous industry awards and a large, skilled team. The website reflects a professional and comprehensive digital presence with multilingual support and clear branding. Technically, the site is built on WordPress with modern tools like Google Tag Manager and HubSpot integration, but suffers from a critical security shortfall due to the absence of a valid SSL certificate and HTTPS support. This significantly impacts the security posture and user trust. Privacy policies and cookie consent mechanisms are present and appear GDPR compliant. Contact information is clearly provided with multiple channels and physical addresses. Overall, the business credibility and content quality are high, but urgent security improvements are recommended.

Y

Yahoo Inc

maven.net

40

Yahoo Inc. operates a comprehensive corporate website showcasing its position as a global media and technology company with a strong focus on advertising solutions and digital media services. The site highlights key offerings such as Yahoo Ads, Yahoo DSP, and Yahoo Search, targeting advertisers and partners worldwide. The company leverages a modern technical infrastructure including Webflow CMS, AWS hosting, and Cloudflare CDN, supported by Google Tag Manager for analytics and marketing. While the website design and content quality are excellent, the security posture is weakened by the absence of a valid SSL certificate and lack of modern TLS protocol support, which poses significant risks for data confidentiality and user trust. Privacy policies and terms of service are well documented, reflecting good compliance practices. Overall, the website is professional and trustworthy but requires urgent improvements in SSL/TLS security to align with best practices and protect users.

DiaSorin S.p.A. operates a comprehensive corporate website focused on molecular diagnostics, immunodiagnostics, and licensed technology platforms. The company positions itself as a global leader in laboratory diagnostics, targeting healthcare providers, laboratories, and scientific communities. The website provides extensive product information, corporate governance details, investor relations, and career opportunities, reflecting a mature and professional business presence. Technically, the site is built on Drupal 10 with modern front-end technologies and integrates marketing and analytics tools such as Google Tag Manager and Cookiebot for privacy compliance. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate and HTTPS support, exposing users to potential risks. Security headers are partially implemented, but the lack of HTTPS significantly lowers the security posture. Privacy policies and cookie consent mechanisms are well implemented, indicating good compliance with GDPR. Overall, the website is professional and trustworthy but requires urgent security improvements to protect user data and enhance trust.

A

Avconjet

avconjet.at

40

Avconjet is a prominent European private jet management and charter company operating a fleet of over 100 aircraft worldwide. The company offers comprehensive services including jet management, business jet charter, aircraft sales and acquisition, aviation consulting, and asset management. Their market position is strong with an international presence and recognized certifications such as IS-BAO Stage 2 and WYVERN verification. Technically, the website is built on WordPress with Elementor and optimized using WP Rocket, providing a good user experience and SEO optimization. However, the security posture is weak due to the absence of a valid SSL certificate and lack of modern TLS protocols, which poses a significant risk. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is professional and trustworthy but requires urgent improvements in SSL and security configurations.

X

XAL

xal.com

40

XAL is a well-established Austrian company specializing in innovative LED lighting solutions with a strong focus on design, sustainability, and tailored products for various applications including commercial, retail, and hospitality sectors. The company maintains a global presence with subsidiaries and a parent group, offering a comprehensive range of lighting products and digital services. Technically, the website is built on the Pimcore CMS platform, utilizing modern frameworks like Bootstrap and analytics tools such as Matomo, with good privacy compliance via OneTrust. However, the absence of a valid SSL certificate and lack of HTTPS significantly weaken the security posture, exposing the site to potential risks. Despite this, the site demonstrates excellent content quality, professional design, and strong business credibility. Strategic improvements in SSL implementation and security configurations are critical to enhance trust and protect user data.

S

STRG

strg.at

37

STRG is a well-established Austrian technology and research company specializing in custom software solutions, AI research, and digital transformation services. With over 20 years of experience, STRG offers a modular approach to software development, integrating AI and sustainability principles to optimize business processes across various industries including manufacturing, healthcare, finance, and media. The company maintains a strong market position supported by client testimonials, case studies, and industry partnerships. Technically, the website is built on WordPress with Elementor and employs modern web technologies and performance optimizations. However, the absence of a valid SSL certificate and HTTPS configuration is a critical security gap that undermines user trust and data protection. Privacy compliance is well addressed with GDPR-compliant policies and cookie consent mechanisms. Overall, STRG demonstrates a mature digital presence but must urgently address its SSL/TLS security to enhance its security posture and trustworthiness.

J

Jarltech Europe GmbH

jarltech.com

40

Jarltech Europe GmbH is a well-established specialist distributor in the technology sector, focusing on point-of-sale and automatic identification equipment across Europe. With a mature domain and a broad manufacturer partnership network, it serves a large customer base with premium distribution services. The website is professionally designed, content-rich, and provides comprehensive legal and privacy information, reflecting a strong commitment to GDPR compliance and user privacy. Technically, the site uses Drupal 10 with modern web technologies and integrates reputable analytics and marketing tools, although performance is moderate. Security posture is weakened by the absence of a valid SSL certificate and disabled TLS protocols, which is a critical risk that should be addressed promptly. Overall, the business demonstrates high credibility and transparency, but the security configuration requires urgent improvement to protect user data and maintain trust.

I

ICMPD

icmpd.org

40

ICMPD is an established international organization focused on migration policy development, capacity building, and research, serving 21 member states with a global project footprint. The website reflects a mature, professional entity with comprehensive content and strong branding consistency. Technically, the site uses modern CMS technology (eZ Platform) and integrates analytics tools like Google Analytics and Matomo, but suffers from poor SSL implementation and lacks critical security headers, impacting its security posture. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. Overall, the site is functional and content-rich but requires urgent security improvements to protect user data and enhance trust.

M

Munich Business School

munich-business-school.de

25

Munich Business School is a well-established private higher education institution in Germany specializing in international business education. It offers a range of degree programs including Bachelor, Master, MBA, and DBA with a strong emphasis on practical experience, small class sizes, and societal impact. The school holds multiple prestigious accreditations such as AACSB and FIBAA, positioning it as a leading private business school in Germany. Technically, the website is built on TYPO3 CMS and integrates modern marketing and analytics tools like Google Tag Manager and Matomo, along with a consent management platform for GDPR compliance. However, a critical security weakness is the absence of a valid SSL certificate, resulting in no HTTPS availability, which significantly impacts the site's security posture. Privacy policies and cookie consent mechanisms are well implemented, reflecting good compliance practices. Overall, the website is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

B

BRANDL TALOS Rechtsanwälte GmbH

btp.at

26

BRANDL TALOS Rechtsanwälte GmbH is a leading Austrian law firm specializing in a broad range of legal services including labor law, compliance, corporate transactions, and regulatory matters. The firm targets business clients seeking expert legal advice to support their commercial success. The website reflects a professional and comprehensive presentation of their services and expertise, positioning them as a trusted partner in the Austrian legal market. Technically, the website is built on WordPress with modern SEO and cookie consent tools, but suffers from slow load times and lacks a valid SSL certificate, which is a critical security shortfall. Security posture is weak due to missing HTTPS and security headers, though no active vulnerabilities or malware were detected. Privacy compliance is strong with a clear GDPR-compliant privacy and cookie policy. Overall, the site is credible and professional but requires urgent security improvements to protect user data and enhance trust. Strategic recommendations include immediate SSL implementation, security header deployment, and performance optimization to improve user experience and security.

S

Steyr Motors AG

steyr-motors.com

20

Steyr Motors AG is a mature Austrian company specializing in the development and production of high-performance diesel engines for heavy-duty vehicles and marine applications. The company offers a range of products including marine engines, vehicle engines, generator sets, and integrated software solutions, supporting customers throughout the product lifecycle. The website reflects a professional and well-structured digital presence with multilingual support and investor relations content. Technically, the site is built on WordPress with modern plugins for SEO and cookie management, but critically lacks a valid SSL certificate, exposing users to security risks. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanism. Business credibility is strong with clear contact information, certifications, and legal documents available. Overall, the site is functional and professional but requires urgent security improvements to enable HTTPS and enhance trust.

Z

Zukunftsinstitut GmbH

zukunftsinstitut.de

38

Zukunftsinstitut GmbH is a reputable future research and consulting company based in Germany with a subsidiary in Austria. The company specializes in transforming exclusive trend analyses into actionable strategies and concepts for organizations. Their market position is strong, supported by a professional website, a broad range of services including research, consulting, publishing, keynotes, and conferences, and a solid client base evidenced by displayed client logos. Technically, the website is built on HubSpot CMS, leveraging modern JavaScript libraries and integrates Google Analytics and Tag Manager for marketing and analytics. However, the security posture is weak due to the absence of a valid SSL certificate and disabled TLS protocols, which poses a critical risk. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. Overall, the website is professional and trustworthy but requires urgent security improvements to protect user data and maintain credibility.

The website ask-us.cc represents a business entity named 'ask-us!! GesmbH' but currently hosts only a minimal placeholder page stating 'In Arbeit!!!' indicating that the site is under construction or inactive. There is no substantive business description, contact information, or user engagement features. The technical infrastructure is basic, served by an Apache server with no SSL certificate installed, resulting in an unsecured HTTP connection. DNS records are standard with no DNSSEC or CAA enforcement, and the hosting provider appears to be easyname.eu. Security posture is weak due to lack of HTTPS, minimal security headers, and absence of privacy or cookie policies. No analytics or tracking technologies are detected, and no social media or external links are present. The WHOIS data confirms domain registration but lacks detailed registrant information, which combined with minimal site content, reduces trustworthiness. Overall, the site is not production-ready and poses security and compliance risks.

SunEdison operates in the energy sector, but the current website at sunedison.com provides minimal content, consisting solely of a redirect script to a subpath (/lander). The lack of metadata, business information, or contact details limits the ability to fully assess the company's market position or services. The domain is registered with standard DNS records and uses Microsoft Outlook for mail exchange, indicating some level of operational infrastructure. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the site's security posture. No privacy or cookie policies are present, and no security best practices such as security headers or DNSSEC are implemented. Overall, the website appears underdeveloped or in a placeholder state, which impacts trust and user experience negatively.