Security Directory

E

eMAGNETIX Online Marketing GmbH

emagnetix.at

26

eMAGNETIX Online Marketing GmbH is a well-established digital marketing agency based in Austria, specializing in tailored online marketing solutions including SEO, performance advertising, content marketing, and data analytics. With over 15 years of experience and a strong client base including tourism sector businesses, the company holds premium partnerships with major platforms such as Google, Microsoft, and Meta, reinforcing its market position. The website reflects a professional and consistent brand image with comprehensive service offerings and clear contact channels. Technically, the site is built on WordPress with modern JavaScript libraries and integrates multiple marketing and analytics tools. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts the security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the business demonstrates strong credibility and digital maturity but must urgently address its SSL/TLS configuration to ensure secure user interactions and maintain trust.

A

applics GmbH

applics.at

26

applics GmbH is a small Austrian technology company specializing in the development of web-based solutions including web applications, webshops, and corporate websites. The company targets business clients seeking to optimize and digitize their processes and online presence. Their market position is supported by a portfolio of notable clients and detailed project case studies, indicating a stable regional presence since at least 2015. Technically, the website is built on WordPress with PHP 7.4 and uses common web technologies such as jQuery and Google Maps API. However, the absence of a valid SSL certificate and HTTPS support is a critical security shortfall that undermines user trust and data protection. The site lacks modern security headers and cookie consent mechanisms, which may expose it to compliance risks under GDPR. Business contact information is clearly provided, including phone, email, physical address, and a contact form, enhancing credibility. Overall, the website is professionally designed and SEO optimized but requires urgent security improvements.

G

Gigaset AG

gigaset.com

39

Gigaset AG is a well-established German company specializing in the manufacture and sale of telecommunication devices including phones, smartphones, and enterprise communication solutions. The company holds a strong market position in Europe as a leader in quality telephony products, emphasizing German manufacturing. Their website reflects a professional business model targeting both consumer and business customers with a comprehensive product portfolio and support services. Technically, the site is built on a Magento eCommerce platform with modern JavaScript libraries and integrates multiple marketing and analytics tools, demonstrating a mature digital infrastructure. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, exposing users to potential risks. The site implements good privacy and cookie policies with a consent management platform, aligning with GDPR requirements. Overall, the business credibility and content quality are good, but the security posture requires urgent improvement to protect user data and maintain trust.

ProSiebenSat.1 PULS 4 GmbH is a leading private media company in Austria, specializing in TV broadcasting and digital advertising solutions. The company operates multiple TV channels and digital platforms, including the popular streaming service JOYN, and offers innovative advertising products such as TV-LOAD and Addressable TV. Their market position is strong, supported by a comprehensive portfolio and a focus on integrated advertising solutions. Technically, the website is built on modern frameworks like Nuxt.js and Vue.js, hosted on AWS with content managed via DatoCMS, providing a good user experience and mobile optimization. However, the security posture is weak due to the absence of a valid SSL certificate and lack of HTTPS, which is a critical vulnerability. Privacy compliance is well addressed with clear privacy and cookie policies, and contact information is readily available. Overall, the site is professional and trustworthy but requires urgent security improvements to protect user data and maintain credibility.

ALPINE Bau GmbH is an Austrian construction company currently in insolvency proceedings since 2013. The website primarily serves as an informational portal regarding the insolvency status and provides official legal references and company contact details. The business operates in the manufacturing sector with a focus on construction services. The company is small-sized and based in Austria, with official registration and VAT numbers clearly displayed. Technically, the website is very basic, served over HTTP without SSL/TLS encryption, hosted on an Apache server with DNS hosted by world4you.at. There is no evidence of modern web technologies, CMS, or performance optimization. The site lacks mobile optimization and accessibility features, and no analytics or marketing tools are detected. From a security perspective, the absence of HTTPS is a critical vulnerability, exposing users to potential data interception. No security headers or advanced configurations are present, and no privacy or cookie policies are implemented, indicating poor compliance with GDPR and modern privacy standards. Contact information is limited to an email and physical address, with no phone or social media presence. Overall, the website presents significant risks due to lack of encryption and privacy compliance, minimal content, and outdated technical implementation. Strategic recommendations include immediate implementation of HTTPS, addition of privacy and cookie policies, enhancement of security headers, and modernization of the website to improve trust and user experience.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 7 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

The website for viforpharma.com is currently inaccessible, displaying only a minimal HTML page with an 'Access to the requested page has been denied' message. This indicates that the site is either behind a web application firewall or has restricted access, preventing content analysis. The domain is mature, registered since 2008, and maintained with a reputable registrar, but no business or contact information is available on the site itself. Technically, the site runs on Microsoft IIS 8.5 with ASP.NET 4.0, but lacks a valid SSL/TLS certificate and does not support any modern TLS protocols, resulting in a poor security posture. Security headers are partially present but ineffective without HTTPS. Overall, the site scores very low on content quality, security, and privacy compliance due to the lack of accessible content and missing HTTPS.

Bowas-Induplan Chemie Ges.m.b.h. is a mature, internationally active plant engineering company specializing in chemical plants for the energetic materials industry. With over 200 projects completed globally and a subsidiary in India, the company demonstrates a solid market presence and expertise in environmentally responsible industrial solutions. The website is professionally designed using Contao CMS and includes modern features such as cookie consent management via Cookiebot. However, the absence of HTTPS and a valid SSL certificate significantly undermines the site's security posture, exposing visitors to potential risks. Additionally, the domain is at high expiry risk with no domain protection locks, which could threaten business continuity if not addressed promptly. Privacy compliance is basic, with a privacy policy linked but no explicit GDPR compliance statements or data protection officer contact. Overall, the site presents a credible business but requires urgent security improvements.

T

techbold technology group AG

semizen.com

33

techbold technology group AG is a well-established IT service provider based in Austria, specializing in secure IT systems and digital strategies for small and medium-sized enterprises (SMEs). With over 25 years of domain maturity and a large team of 170 IT specialists, techbold offers a comprehensive range of services including IT security, consulting, managed services, and hardware solutions. The company holds multiple certifications and partnerships with leading technology vendors, reinforcing its market position as a trusted partner for the Austrian SME sector. Technically, the website is built on WordPress with the Avada theme and integrates modern tools such as Google Tag Manager, Borlabs Cookie for consent management, and PixelYourSite for tracking. The site is well-optimized for performance and mobile responsiveness, providing a professional user experience. However, a critical security gap is the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the security posture. From a security perspective, while several security headers are properly configured, the lack of HTTPS and modern TLS protocols exposes the site to potential risks. The company demonstrates good privacy compliance with clear privacy and cookie policies and consent mechanisms. Business credibility is strong, supported by detailed contact information, certifications, and positive customer satisfaction indicators. Overall, techbold presents a professional and trustworthy online presence with excellent content and business information. The primary recommendation is to urgently implement a valid SSL certificate and enable HTTPS to enhance security and user trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 10 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

H

Handelskammer Schweiz-Österreich-Liechtenstein

hk-schweiz.at

37

The Handelskammer Schweiz-Österreich-Liechtenstein operates as a well-established chamber of commerce serving companies and economic actors in Switzerland, Austria, Liechtenstein, and the CEE region. Founded in 1921, it provides networking opportunities, market support services, economic data, and events to its members, positioning itself as a key business hub in the region. The website reflects a professional and consistent brand with clear business information and relevant content for its target audience. Technically, the site is built on Drupal 7 with jQuery and uses Matomo for analytics, but it suffers from slow performance and lacks modern security features. Critically, the absence of HTTPS and modern TLS protocols exposes the site to significant security risks. Security headers are partially implemented, but no incident response or security policies are published. Privacy compliance is basic, with no cookie consent mechanism detected despite GDPR applicability. Overall, the site demonstrates good business credibility but requires urgent security improvements to protect user data and maintain trust.

A

Applied Medical Resources Corporation

appliedmedical.com

37

Applied Medical Resources Corporation operates a professional corporate website focused on medical device manufacturing and clinical education. The company positions itself as a global leader in minimally invasive surgical technologies with a vertically integrated business model. The website targets healthcare professionals, potential employees, and customers worldwide, offering detailed product information, career opportunities, and educational resources. Technically, the site uses ASP.NET MVC on Microsoft IIS with common web libraries like jQuery and Bootstrap, hosted on Azure CDN infrastructure. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap, exposing users to potential risks. The site lacks cookie consent mechanisms and explicit GDPR compliance indicators, which may pose privacy compliance challenges. Business credibility is supported by consistent branding, clear contact information, and legal compliance pages. Overall, the site is professionally designed and functional but requires urgent security improvements to protect user data and enhance trust.

D

DeepOcean

deepoceangroup.com

40

DeepOcean is a leading ocean services provider specializing in accelerating sustainable use of ocean resources. The company operates across multiple sectors including renewables, oil and gas, and ocean minerals, offering full lifecycle services such as survey, project management, engineering, maintenance, and recycling. With a strong emphasis on digitalization and remote operations, DeepOcean positions itself as a technology-driven leader in the energy transition space. The website reflects a professional and consistent brand image targeting industry stakeholders, investors, and potential employees. Technically, the website is built on the Webflow platform, leveraging modern web technologies including jQuery, Google Tag Manager, and Cookiebot for consent management. Hosting and CDN services are provided via Cloudflare and Webflow. While the site demonstrates good design quality, mobile optimization, and SEO practices, performance metrics are unavailable. Accessibility is basic but present. From a security perspective, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical vulnerability. Although some security headers are present, the absence of TLS protocols and cipher suites severely undermines the security posture. Cookie consent mechanisms are implemented, and privacy policies are comprehensive and GDPR compliant. However, incident response and vulnerability disclosure information are missing. Overall, the website is credible and professionally maintained but requires urgent security improvements to protect user data and enhance trust. Strategic recommendations include immediate SSL deployment, enhanced security header configurations, and the addition of incident response contacts to strengthen the security culture and compliance posture.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

D

Dunelm

dunelm.com

40

Dunelm is a prominent UK-based retailer specializing in homeware, furniture, and related products, offering a comprehensive e-commerce platform alongside physical stores. The website demonstrates a mature digital presence with extensive product categories, clear navigation, and strong branding. Technically, the site leverages modern technologies including React, Algolia for search, and integrates multiple third-party services for payments, analytics, and marketing. However, a critical security issue is the absence of a valid SSL certificate and HTTPS support, which severely impacts the site's security posture. While security headers are present, the lack of proper TLS configuration exposes the site to significant risks. Privacy and cookie policies are well implemented with consent mechanisms, reflecting good compliance with GDPR. Overall, the site is professional and trustworthy from a business perspective but requires urgent remediation of its SSL/TLS configuration to ensure user data protection and trust.

E

ENI

eni.com

40

Eni is a large, established integrated energy company headquartered in Italy with a strong global presence and diversified energy portfolio including oil & gas, renewables, and bioenergy. The website reflects a mature digital presence with comprehensive content covering corporate governance, sustainability, investor relations, and career opportunities. Technically, the site uses modern frameworks like Bootstrap and jQuery, hosted on Akamai CDN, and employs Adobe Helix for content management. However, the security posture is weakened by the absence of a valid SSL certificate and HTTPS support, which is a critical vulnerability. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is professional and trustworthy but requires urgent remediation of its SSL/TLS configuration to ensure secure user interactions.

I

it-novum GmbH

it-novum.com

31

it-novum GmbH is a leading IT consulting and implementation company specializing in Business Open Source and digital transformation within the DACH region. As a subsidiary of Allgeier SE, it has nearly 20 years of experience serving medium-sized businesses, large enterprises, and the public sector. The company offers key services including Big Data Analytics & IoT, IT Service Management, and Enterprise Information Management. The website reflects a professional and consistent brand image with comprehensive content and clear navigation tailored to its target audience. Technically, the website is built on WordPress using Elementor and Astra theme, incorporating modern web technologies and plugins such as Borlabs Cookie for consent management and WP Rocket for performance optimization. While mobile optimization and SEO practices are good, the website currently suffers from an invalid SSL certificate and lacks support for modern TLS protocols, which is a critical security concern. Security posture is moderate with some security headers present and no known vulnerabilities detected, but the invalid SSL certificate significantly reduces trust and security scores. Privacy compliance is strong, with clear privacy and cookie policies and active consent mechanisms. Business credibility is high, supported by detailed contact information, social media presence, and structured data. Overall, the website is professional and trustworthy but requires urgent remediation of SSL issues to improve security and user trust. Strategic recommendations include fixing SSL, enhancing security headers, and maintaining up-to-date software to ensure robust protection and compliance.

A

ACN Opportunity, LLC

myacn.com

40

ACN Opportunity, LLC operates a mature and established website offering essential services such as internet, energy, and wireless, combined with a home-based business opportunity model. The company targets individuals interested in essential services and entrepreneurial ventures, positioning itself as a trusted provider with strong industry memberships and a broad social media presence. Technically, the website leverages modern frontend technologies including Joomla CMS, Bootstrap, jQuery, and Swiper.js, hosted on AWS infrastructure with CloudFront CDN. The site is mobile optimized and SEO friendly, though performance metrics are unavailable. Security posture is weak due to the absence of a valid SSL certificate and HTTPS enforcement, despite the presence of several security headers. Privacy compliance is strong with comprehensive policies and a OneTrust cookie consent mechanism. Overall, the site demonstrates good business credibility but requires urgent security improvements to protect user data and enhance trust.

H

HAUSER GmbH

hauser.com

28

HAUSER GmbH is a well-established European provider specializing in refrigeration furniture and cooling technology, serving international clients primarily in the food retail and industrial sectors. The company offers comprehensive solutions including innovative, energy-efficient cooling systems, project management, and lifecycle services. With approximately 75 years of experience, HAUSER holds a strong market position as a trusted B2B Komplettanbieter in Austria and Europe. The website is professionally designed, content-rich, and targets business customers seeking high-quality refrigeration solutions. Technically, the website is built on Drupal 10 and employs modern web technologies including Matomo for analytics and TRUENDO for privacy management. However, the site lacks a valid SSL certificate and does not support HTTPS, which is a significant security and trust concern. Performance data is missing, and DNS records are incomplete, suggesting possible use of CDN or proxy services. The site is mobile-optimized and accessible with good SEO practices. From a security perspective, while several security headers are implemented, the absence of HTTPS and TLS protocols severely undermines the security posture. No explicit security policies or incident response contacts are provided, and no vulnerability disclosure mechanisms are found. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, HAUSER GmbH presents a credible and professional business online presence but must urgently address SSL/TLS implementation to improve security and trust. Strategic recommendations include securing the website with valid certificates, enabling modern TLS protocols, and enhancing security transparency to align with best practices and regulatory requirements.

E

ETM professional control GmbH

etm.at

40

ETM professional control GmbH is a medium-sized Austrian company specializing in the development of the SIMATIC WinCC Open Architecture SCADA system, serving critical industrial sectors such as energy, transportation, and building automation. As a wholly owned subsidiary of Siemens AG, ETM benefits from strong corporate backing and a global partner network, positioning it as a reputable player in industrial automation software. The website reflects a professional and consistent brand presence with detailed company history and management information. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and integrates marketing and analytics tools such as Adobe DTM and Google Analytics. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the site's security posture, exposing users to risks and reducing trust. Security headers are present but insufficient without proper TLS implementation. Privacy and cookie policies are linked to Siemens global pages, indicating good compliance with GDPR and related regulations. Overall, the site is content-rich and credible but requires urgent security improvements to protect users and enhance trust.

C

CeMM Research Center for Molecular Medicine of the Austrian Academy of Sciences

cemm.at

26

CeMM is a reputable interdisciplinary research center affiliated with the Austrian Academy of Sciences, focusing on molecular medicine and biomedical research. The website reflects a strong academic and scientific orientation, targeting researchers, students, and collaborators. The technical infrastructure is based on TYPO3 CMS with Apache hosting, and includes privacy-conscious analytics via Matomo. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap that undermines user trust and data protection. The site is well designed, mobile optimized, and rich in content, but security improvements are urgently needed to align with best practices and compliance requirements.

P

Philosophtware

philosophtware.com

28

Philosophtware is a small technology-focused business presenting itself as an IT consulting or software solutions provider. The website content is minimal, with a simple slogan and a single contact email, lacking detailed business descriptions or multiple contact channels. The technical infrastructure is basic, hosted likely on netcup servers, with no modern CMS or frameworks detected. Performance is slow despite the small page size, and SEO and accessibility optimizations are absent. Security posture is weak, with no valid SSL certificate, no HTTPS support, and no security headers or advanced configurations. The presence of Comodo TrustLogo scripts without a valid SSL certificate may mislead visitors about the site's security. Overall, the site lacks critical compliance documents such as privacy and cookie policies, reducing trust and compliance standing.

F

Freshfields

freshfields.com

40

Freshfields is a leading global law firm serving the world’s biggest international organizations with comprehensive legal advisory services. The firm is well-positioned in the market with elite rankings and a strong brand presence. Their website reflects a mature digital infrastructure using modern web technologies such as React and Next.js, hosted on Cloudflare with extensive use of analytics and marketing tools. However, the security posture is weakened by an invalid SSL certificate and lack of enabled TLS protocols, which poses a critical risk to secure communications. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is professional and trustworthy but requires urgent remediation of SSL/TLS issues to ensure secure client interactions.

C

CloudBees, Inc.

cloudbees.com

40

CloudBees, Inc. is a leading enterprise software company specializing in continuous integration and continuous delivery (CI/CD) solutions, primarily based on Jenkins. The company offers a comprehensive suite of DevOps tools and platforms designed to accelerate software delivery, improve developer productivity, and ensure security and compliance at scale. CloudBees holds a strong market position as the #1 Jenkins enterprise CI/CD platform provider, serving large enterprises globally with a focus on technology sectors. Their business model includes SaaS and on-premises offerings, targeting enterprise development teams and IT executives. Technically, CloudBees employs modern web technologies such as React and Next.js, hosted on AWS infrastructure with integrations to major cloud providers. The website demonstrates good digital maturity with responsive design, SEO optimization, and accessibility considerations. Marketing and analytics tools are implemented with user consent mechanisms, reflecting privacy compliance. From a security perspective, while the website implements multiple security headers and policies, a critical issue is the invalid or missing SSL certificate and disabled TLS protocols, which significantly impact the security posture. The company maintains security policies, incident response contacts, and certifications such as SOC 2 and ISO 27001, indicating a mature security framework. However, immediate remediation of SSL and TLS configurations is necessary to protect user data and maintain trust. Overall, CloudBees presents a professional and trustworthy online presence with strong business credibility and technical infrastructure. Addressing the SSL and TLS issues will elevate their security posture and align with their enterprise-grade offerings.

B

BETTERHOMES AG

betterhomes-international.com

38

BETTERHOMES AG operates as an international technology-driven real estate franchise company, pioneering a hybrid brokerage model that combines proprietary software with local market expertise. Founded in 2005 in Zurich, it holds a strong market position as the largest independent real estate broker in Switzerland and has expanded across the DACH region with plans for further international growth. The company offers franchise opportunities supported by advanced technology and a strong partner development culture. Technically, the website is built on modern frameworks including PHP 8.2, Flow Framework, and Neos CMS, with integrations of Bootstrap, FontAwesome, and various JavaScript libraries. However, the website suffers from a critical security deficiency due to the absence of a valid SSL certificate and HTTPS support, exposing users to potential risks. Privacy compliance is well addressed with comprehensive policies and cookie consent mechanisms. Overall, the site presents professional content and strong business credibility but requires urgent security improvements to protect user data and maintain trust.

W

Wien Energie GmbH

wienenergie.at

39

Wien Energie GmbH is the largest regional energy supplier in Austria, serving approximately two million people and 230,000 commercial and industrial customers in and around Vienna. The company offers a broad range of energy-related services including electricity, natural gas, district heating, e-mobility, telecommunications, and energy consulting. It operates under the Wiener Stadtwerke Group, reflecting a strong market position and extensive service portfolio. The website is professionally designed with comprehensive content targeting both private and business customers, supported by active social media engagement and clear navigation.

G

Gebauer & Griller

griller.at

40

Gebauer & Griller (GG Group) is a well-established international family-owned manufacturing group specializing in high-quality wires, cables, and wiring systems for automotive and industrial applications. The company positions itself as a leading provider in energy and data transmission sectors, emphasizing customized solutions, innovation, and strong partnerships. The website reflects a professional digital presence with comprehensive content, including corporate videos, social media integration, and detailed product and corporate information. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and integrates third-party services such as Google reCAPTCHA, Google Maps, Vimeo, and Flockler social feeds. However, the website currently lacks a valid SSL certificate and does not support modern TLS protocols, which is a critical security concern. Security headers are partially implemented, but important features like HSTS and OCSP stapling are missing. Privacy compliance is well addressed with clear privacy and cookie policies and a consent mechanism. Contact information is comprehensive, including multiple global office addresses, emails, and phone numbers. Overall, the website is professional and trustworthy but requires urgent improvements in SSL/TLS security to protect user data and maintain trust.

The website prevero.com is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) blocking page, which prevents access to any substantive content. The page presented is a security challenge indicating that the user has been blocked, likely due to triggering security rules. No business-related content, metadata, or contact information is available for analysis. The SSL/TLS configuration is invalid, with no valid certificate installed and no modern TLS protocols enabled, which severely impacts the security posture. The site uses Cloudflare as a hosting and security provider but lacks proper HTTPS implementation. Due to the blocking and lack of accessible content, the overall digital maturity and business credibility cannot be assessed accurately.

M

Merkur Versicherung AG

merkur.at

40

Merkur Versicherung AG is Austria's oldest insurance company, specializing in private health, accident, life, property, and legal protection insurance. Positioned as the second largest private health insurer in Austria, it serves a broad audience including private customers, employees, and businesses. The website demonstrates a mature digital presence with a professional design, clear navigation, and comprehensive content tailored to its target audience. Technically, the site is built on Liferay DXP with React and Clay UI components, but suffers from critical SSL misconfiguration that undermines its security posture. Security headers are well implemented, but the lack of a valid SSL certificate and disabled TLS protocols present significant risks. Privacy compliance is strong with clear policies and consent mechanisms. Overall, the site is trustworthy and professional but requires urgent remediation of SSL issues to ensure secure user interactions.

BRAUN Maschinenfabrik Gesellschaft m.b.H. is a well-established Austrian manufacturing company specializing in steel cutting and grinding machines, hydraulic steel structures, and decommissioning technologies. Founded in 1848, the company holds a strong market position as a technology leader with a global presence, serving industrial clients primarily in the energy and manufacturing sectors. Their product portfolio includes customized solutions for cutting, grinding, and dismantling applications, supported by in-house engineering and automation capabilities. The website reflects a professional business with clear branding and relevant content targeting industrial customers. Technically, the website runs on an Apache server and uses JavaScript libraries including Google Analytics and Google Maps API. However, the site lacks HTTPS encryption, which is a critical security shortfall. Performance metrics are not available, but the site shows basic mobile optimization and SEO practices. The hosting provider is identified via DNS as esys.at, an Austrian hosting service. From a security perspective, the absence of a valid SSL/TLS certificate and HTTPS is a major vulnerability, exposing users to potential data interception. No advanced security headers or policies are implemented, and there is no visible incident response or vulnerability disclosure information. Privacy compliance is minimal, with no cookie consent mechanism detected, although a basic privacy policy and terms of service are present. Overall, the website demonstrates moderate business credibility and content quality but suffers from significant security and privacy compliance gaps. Strategic improvements in SSL deployment, security headers, and privacy mechanisms are recommended to enhance trust and protect users.

U

UNTHA shredding technology GmbH

untha.com

29

UNTHA shredding technology GmbH is a well-established manufacturer specializing in industrial shredding machines for various waste and recycling applications. With over 50 years of experience and a global presence including subsidiaries in the US, the company offers tailored shredding solutions for materials such as residual wood, metal, plastics, electronic waste, and more. The website reflects a professional and comprehensive digital presence with detailed product information and customer testimonials. Technically, the site uses modern frameworks like Next.js and React, hosted on AWS CloudFront, and integrates privacy and analytics tools such as Cookiebot, Google Tag Manager, and Matomo. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security gap that significantly impacts the site's security posture. Security headers are properly configured, but the lack of TLS protocols and certificate transparency compliance are notable vulnerabilities. Overall, the site is trustworthy and business credible but requires urgent security improvements to protect user data and enhance trust.

L

Lomography

lomography.com

32

Lomography is a well-established analogue photography community and e-commerce platform founded in 1994, offering a wide range of analogue cameras, films, lenses, and educational content. The website demonstrates excellent content quality, user experience, and community engagement, targeting photography enthusiasts globally. Technically, the site uses a modern stack with nginx and Phusion Passenger, and employs Google Tag Manager for analytics and marketing. However, a critical security gap exists as the site lacks a valid SSL/TLS certificate and does not serve content over HTTPS, exposing users to potential interception risks. Privacy compliance is strong with clear policies and cookie consent mechanisms. Overall, the business credibility is high, but the security posture requires urgent improvement to protect users and maintain trust.

W

Würth Österreich

wuerth.at

40

Würth Österreich operates a comprehensive B2B e-commerce platform targeting trade professionals and businesses in Austria. The website offers a wide range of industrial and professional products alongside specialized services such as consulting, digital tools, and engineering support. The company is positioned as a market leader with a strong brand presence and multiple customer engagement channels including social media and mobile apps. Technically, the site uses modern web technologies and a professional CMS, providing a good user experience and mobile optimization. However, the security posture is weakened by an invalid SSL certificate and lack of TLS protocol support, which poses risks to data confidentiality and user trust. Privacy compliance is generally good with accessible policies, but lacks a visible cookie consent mechanism. Overall, the site is professional and credible but requires urgent security improvements to protect users and maintain trust.

D

Dorner Electronic GmbH

dorner.at

35

Dorner Electronic GmbH is a medium-sized Austrian company specializing in technology and software solutions for concrete manufacturers, including ready-mix, precast concrete, dry batch, and bulk material sectors. The company positions itself as a European market leader with a global presence through subsidiaries and partner networks. Their offerings include automation solutions, software products, and apps that digitalize and optimize production processes from order to invoicing. Technically, the website is built on modern frameworks such as Next.js and React, hosted on HostingHub Cloud, and demonstrates good mobile optimization and SEO practices. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts the security posture. Privacy and cookie policies are present and GDPR compliant, and contact information is clearly provided, enhancing business credibility. Overall, the website is professional and content-rich but requires urgent security improvements to protect user data and maintain trust.

Bilfinger SE is an established international industrial services provider specializing in maintenance, expansion, and operation of industrial plants primarily in the energy, chemicals, pharma, and oil & gas sectors. The company operates across Europe, North America, and the Middle East, offering a comprehensive service portfolio including consulting, engineering, manufacturing, assembly, maintenance, and digital applications. The website reflects a mature digital presence built on TYPO3 CMS with a professional design and multilingual support targeting industrial clients globally. Technically, the site uses Apache and PHP 7.4 with various JavaScript libraries and integrates Matomo for analytics and Consentmanager.net for cookie consent management. Security posture is moderate; while security headers and a content security policy are present, the SSL/TLS configuration is currently invalid or missing, which is a critical issue. No WAF or blocking mechanisms are detected, and the site is fully accessible. The domain registration data is consistent with the business claims, showing a long-established domain without privacy protection, supporting legitimacy. Overall, the site is professional and trustworthy but requires urgent SSL/TLS remediation to improve security and user trust.

S

StreamUnlimited Engineering GmbH

streamunlimited.com

25

StreamUnlimited Engineering GmbH is a medium-sized technology company based in Austria, specializing in system integration for connected audio, Matter, IoT, and voice assistant technologies. The company offers a comprehensive portfolio of software and hardware solutions, including StreamSDK, StreamAnalytics, Stream2Go, and StreamAMP, targeting brands and ODMs seeking advanced embedded products. With over 120 professionals and a global reach, StreamUnlimited positions itself as a reliable partner for audio streaming and IoT product development. The website is professionally designed, well-structured, and provides detailed information about products, services, and company values. However, the absence of a valid SSL certificate and HTTPS implementation represents a critical security vulnerability that undermines user trust and data protection. The site includes GDPR-compliant privacy and cookie policies with consent mechanisms, reflecting good privacy practices. Overall, the company demonstrates strong business credibility and digital maturity but must urgently address its security posture to ensure safe and trusted user interactions.

P

Pers-Con

pers-con.at

24

Pers-Con is a specialized recruitment and personal consulting firm focusing on sectors such as automotive, IT, pharma, waste management, insurance, finance, law, and construction. The company operates primarily in Austria and neighboring countries, offering services including direct candidate approach, media-supported search, and social media utilization. The website reflects a professional business with clear service offerings and team member contacts, targeting both companies and job seekers. Technically, the site is built on Joomla CMS with common web technologies like jQuery and Bootstrap, but lacks modern performance optimizations and mobile responsiveness is basic. Critically, the absence of HTTPS and a valid SSL certificate severely impacts security posture and trustworthiness. Cookie consent and privacy policies are implemented, indicating GDPR awareness. Overall, the site is functional but requires urgent security upgrades to meet modern standards.

R

Rubix

theprojectoffice.co.nz

27

Rubix is a New Zealand-based national independent project management consultancy specializing in unlocking project potential across diverse sectors including education, infrastructure, commercial, and sustainability. The company offers comprehensive services from strategic planning through to project delivery, emphasizing sustainable design and construction practices. Their market position is supported by a mature domain and a broad portfolio of projects across New Zealand. Technically, the website is built on Craft CMS and served via nginx with Cloudflare DNS. However, the absence of a valid SSL certificate and HTTPS support is a critical security shortfall. The site uses Google Tag Manager for analytics but lacks privacy and cookie policies, which impacts privacy compliance. Performance metrics indicate slow DNS resolution, and no advanced security headers or mechanisms are implemented. Security posture is weak due to missing HTTPS, lack of HSTS, and no security headers, exposing users to potential risks. The WHOIS data confirms a consistent and legitimate registration with a mature domain age, though the lack of domain protection locks is noted. Contact information is comprehensive with multiple regional offices, enhancing business credibility. Overall, the website demonstrates good business and content quality but requires urgent security improvements to protect users and enhance trust. Privacy compliance is minimal, and adding policies and consent mechanisms is recommended.

F

Flex

flex.com

40

Flex is a global enterprise specializing in advanced manufacturing and end-to-end supply chain solutions. The company offers a broad range of services including design and engineering, supply chain management, advanced manufacturing, post production, and post sale services. With a strong global footprint and multiple subsidiaries, Flex positions itself as a leader in manufacturing innovation and operational efficiency. The website reflects a professional and comprehensive digital presence, targeting businesses requiring scalable manufacturing and supply chain solutions. Technically, the website is built on WordPress and hosted on Pantheon, utilizing modern web technologies such as jQuery, Google Tag Manager, and New Relic for monitoring. The site is well-optimized for SEO and mobile responsiveness, providing a good user experience. However, performance metrics are moderate, and there is room for improvement in loading speed. From a security perspective, the site has several HTTP security headers configured, including HSTS and CSP in report-only mode. Unfortunately, the SSL certificate is invalid or missing, and no TLS protocols are enabled, which significantly weakens the security posture. No direct contact emails or phone numbers are publicly listed, but contact forms are available. Privacy and cookie policies are present and indicate GDPR compliance. Overall, while the business credibility and content quality are high, the lack of proper SSL/TLS configuration is a critical security concern that should be addressed promptly to protect user data and maintain trust.

E

Eurocom Translation Services GmbH

eurocom.at

27

Eurocom Translation Services GmbH is a well-established B2B translation and language service provider based in Austria, with over 30 years of experience and a strong market presence in the DACH region. The company offers a comprehensive suite of services including technical and marketing translations, terminology management, quality management, and language managed services such as Global SEO and machine translation. Eurocom is part of the Kaleidoscope Group, which enhances its technological capabilities and market reach. The website reflects a professional and content-rich digital presence, targeting export-oriented businesses seeking multilingual content solutions. Technically, the site is built on WordPress with modern plugins and tools, but suffers from a critical security shortfall due to the absence of a valid SSL certificate, resulting in no HTTPS support. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. The security posture is basic, lacking important security headers and DNS security features. Overall, Eurocom demonstrates strong business credibility and digital maturity but must urgently address its SSL/TLS configuration to improve security and trustworthiness.

Tommy Hilfiger is a globally recognized fashion brand offering a wide range of apparel and accessories for men, women, and children through its official online shop. The website targets fashion-conscious consumers and provides a comprehensive e-commerce platform with seasonal collections, sales, and a membership program. The technical infrastructure leverages modern web technologies including Next.js, React, and Contentstack CMS, supported by a robust CDN via Akamai and integrated with multiple third-party services for analytics, marketing, and payment processing. Despite strong security header implementations, the absence of a valid SSL certificate and lack of HTTPS significantly undermines the security posture of the site. Privacy and cookie policies are well documented and indicate GDPR compliance. Overall, the website demonstrates a high level of professionalism and business credibility but requires urgent attention to its SSL configuration to ensure secure user interactions.

N

Nameshift.com

ibk.fr

26

The website ibk.fr is a domain sales landing page managed by Nameshift.com, a company specializing in domain name transfers and escrow services. The business model focuses on providing a safe, fast, and fee-free domain transfer experience for buyers, with the seller paying commissions. The site targets individuals and businesses looking to purchase domain names securely. Technically, the site uses modern frameworks such as SvelteKit and is hosted on a CDN associated with Nameshift.com. However, the website suffers from critical security shortcomings, including the absence of a valid SSL certificate and HTTPS support, which severely impacts its security posture. Additionally, privacy and cookie policies are missing, and DNS security configurations are incomplete or malformed. These factors reduce trust and compliance with data protection regulations. Overall, the site presents a basic but functional domain sales platform with room for significant security and compliance improvements.

M

Montanuniversität Leoben

mu-leoben.at

33

Montanuniversität Leoben is a well-established technical university in Austria specializing in sustainable technologies and circular engineering. The website reflects a strong academic and research focus with comprehensive educational offerings and active international partnerships. Technically, the site uses TYPO3 CMS with modern frontend libraries but lacks a valid SSL certificate, which is a critical security concern. The security posture is weak due to missing HTTPS and incomplete security headers, though privacy compliance is well addressed with cookie consent and GDPR-aligned policies. Overall, the site is professional and trustworthy but requires urgent improvements in security infrastructure to protect user data and enhance trust.

Komatsu Forest is a mature and established manufacturer specializing in forestry machinery and related services, operating primarily out of Sweden. The company offers a broad range of forest machines including harvesters, forwarders, harvester heads, and forestry excavators, complemented by digital solutions such as Smart Forestry and a comprehensive spare parts and training service portfolio. Their market position is strong as a leading global player in forestry equipment, supported by a consistent brand presence and clear communication channels. Technically, the website is built on a Sitecore CMS platform with a technology stack including jQuery, Bootstrap, and Google Fonts. While the site is well-structured, mobile-optimized, and SEO-friendly, it lacks a valid SSL certificate, which significantly impacts its security posture. Performance metrics are incomplete, but the site shows good design and user experience qualities. From a security perspective, the absence of HTTPS and related security headers is a critical vulnerability that exposes users to risks such as data interception. The site does implement privacy and cookie policies with consent mechanisms, indicating awareness of GDPR compliance. However, there is no visible incident response or vulnerability disclosure policy, and no security certifications are presented. Overall, the website is professional and credible but requires urgent security improvements, particularly the implementation of a valid SSL certificate and enhanced security headers, to protect users and improve trustworthiness.

V

Verticalfarminstitute

verticalfarminstitute.org

29

The Vertical Farm Institute is a specialized research and consulting organization focused on advancing urban agriculture and vertical farming. Established in 2013 and based in Vienna, Austria, it collaborates on international projects such as Horizon 2020's euPOLIS. The website presents a professional digital presence with rich content including project descriptions, journals, and service offerings targeted at real estate developers, architects, and sustainability-focused stakeholders. Technically, the site is built on WordPress with modern plugins and SEO tools, but lacks a valid SSL certificate, which is a significant security concern. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site demonstrates moderate maturity and credibility but requires urgent improvements in security and privacy practices.

The website es-investments.com currently serves as a parked domain landing page with no active business content or services. It primarily displays advertising and affiliate links indicating the domain is for sale. The technical infrastructure is minimal, hosted on Hetzner Online with a Caddy server, and uses parking scripts from ParkingCrew and Afternic. There is no valid SSL certificate, resulting in no HTTPS support, which is a critical security deficiency. Privacy compliance is minimal with only a basic privacy policy accessible via a popup link, and no cookie consent mechanisms are present. The lack of business information, contact details, and security best practices significantly lowers the site's trustworthiness and credibility.

The website polymet-solutions.com is currently inaccessible due to a Cloudflare security challenge page that requires JavaScript and cookies to be enabled. This prevents access to any substantive content or business information. The domain is registered and uses Cloudflare for DNS and security services but lacks a valid SSL certificate, resulting in no HTTPS support. The absence of privacy policies, contact information, or business details on the landing page limits the ability to assess the company's market position or services. Technically, the site employs Cloudflare's security headers but fails to implement modern TLS protocols or HSTS, reducing its security posture. Overall, the site scores low on content quality, technical implementation, security, privacy compliance, and business credibility due to the blocked content and missing critical elements.

B

BHDT GmbH

bhdt.at

22

BHDT GmbH is a specialist company focused on high pressure equipment and components for the chemical and petrochemical industries, operating primarily in Austria. The company is part of the Dr. Aichhorn Group and offers engineering, design, and production services. The website reflects a medium-sized B2B manufacturing business with a professional online presence and clear business segmentation. Technically, the site is built on WordPress with common plugins for SEO, multilingual support, and marketing analytics. However, the lack of a valid SSL certificate and HTTPS implementation is a critical security gap, exposing users to potential risks. Privacy policies are present but lack a cookie consent mechanism, which may affect GDPR compliance. Overall, the site is functional and professional but requires urgent security improvements.

A

AICHELIN Holding GmbH

aichelin.com

40

AICHELIN Holding GmbH is a leading industrial manufacturing company specializing in heat treatment solutions for metallic parts and components. The company offers a broad portfolio including industrial furnace systems, industrial burner systems, vacuum furnaces, and battery materials, supported by comprehensive global service offerings. Their website reflects a professional B2B focus targeting industrial clients and equipment manufacturers. Technically, the site uses modern JavaScript libraries, Bootstrap framework, and integrates consent management and Google Tag Manager for analytics and privacy compliance. However, the SSL/TLS configuration is critically flawed with an invalid certificate and no enabled TLS protocols, posing a significant security risk. Security headers are well implemented, but the lack of valid HTTPS severely impacts the security posture. Privacy policies and cookie consent mechanisms are present and GDPR compliant. WHOIS data confirms the legitimacy and consistency of the domain registration with the business identity. Overall, the website is content-rich and professionally presented but requires urgent remediation of its SSL/TLS configuration to ensure secure user interactions and trust.

The website onecareco.com is currently a parked domain with minimal content primarily consisting of advertising scripts and placeholders. There is no active business information, contact details, or meaningful content describing any products or services. The domain is mature, registered since 2007, but the website does not reflect an active or professional business presence. Technically, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical security deficiency. The hosting provider is Hetzner Online, and the site uses nginx and Caddy servers with JavaScript-based ad delivery. Security posture is weak with no modern TLS protocols enabled and no security headers configured. Privacy compliance is minimal with only a basic privacy policy page present and no cookie consent mechanism. Overall, the site scores low on content quality, technical implementation, security, privacy compliance, and business credibility.