Security Directory

A

Austria Wirtschaftsservice Gesellschaft mbH

awsg.at

40

Austria Wirtschaftsservice Gesellschaft mbH (aws) is the official Austrian federal promotional bank dedicated to fostering innovation and economic growth within Austria. The website serves as a comprehensive portal for Austrian entrepreneurs and companies seeking funding, subsidies, and advisory services. It offers a broad range of programs targeting startups, SMEs, and established companies, with a strong emphasis on energy, sustainability, and internationalization. The site is well-branded, professionally designed, and provides clear navigation and rich content in German, targeting primarily Austrian businesses and innovators. Technically, the website is built on TYPO3 CMS and uses Apache as the web server. It integrates Matomo analytics for privacy-compliant user tracking and employs modern web technologies including CSP and various security headers. However, the SSL/TLS configuration is currently invalid or missing, which is a critical security concern. Performance metrics are not available, but the site appears mobile-optimized and accessible. From a security perspective, while several security headers are implemented, the lack of a valid SSL certificate and disabled TLS protocols significantly reduce the security posture. No explicit security or incident response policies are found on the site. Privacy compliance is strong, with a clear cookie consent mechanism and a comprehensive privacy policy in place, aligned with GDPR requirements. Overall, the site is a credible and professional government service platform with excellent content and user experience but requires urgent remediation of its SSL/TLS configuration to ensure secure communications and improve trustworthiness.

M

M.Tech Products Pte Ltd

mtechpro.com

40

M.Tech Products Pte Ltd is a leading distributor and solutions provider specializing in cyber security and network performance solutions across the Asia-Pacific region. The company maintains a strong market position with presence in 14 countries, 24 offices, and a reseller network exceeding 2,000 partners. Their business model focuses on partnering with market-leading vendors to deliver integrated security and network performance management solutions, complemented by professional services and training offerings. The website reflects a professional and consistent brand image with good content quality and clear navigation tailored for their target audience of enterprises and resellers. Technically, the website is built on WordPress using common libraries such as jQuery and Owl Carousel, with Gravity Forms for data collection. While the site is mobile optimized and SEO friendly, performance appears slow based on provided data. Critically, the site lacks a valid SSL certificate and proper HTTPS configuration despite having security headers like HSTS, which severely impacts its security posture. Analytics usage is moderate with Google Analytics implemented, but no cookie consent mechanism or explicit cookie policy was found. From a security perspective, the site demonstrates basic best practices through HTTP security headers but suffers from the absence of HTTPS and modern TLS protocols, exposing users to potential risks. No incident response or vulnerability disclosure information is available, and no security certifications are displayed. The domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness. Overall, the website is functional and professional but requires urgent security improvements, especially regarding SSL/TLS implementation, to protect user data and enhance trust. Privacy compliance is partially met with a comprehensive privacy policy but lacks cookie consent mechanisms. Strategic recommendations include securing the website with valid certificates, enabling modern security protocols, and enhancing privacy and incident response disclosures.

P

Polizeichor Dortmund

polizeichor-dortmund.de

23

Polizeichor Dortmund is a small, local non-profit choir organization based in Germany, founded in 1909. The choir serves as a bridge between the police and the community, inviting all interested individuals to participate regardless of prior choral experience. Their website provides information about rehearsal times, locations, and upcoming events, targeting local citizens and choir enthusiasts. Technically, the website is built on WordPress with a standard Apache/PHP hosting environment and uses common plugins such as Yoast SEO for optimization. However, the site lacks HTTPS, which is a critical security shortfall. The absence of SSL/TLS encryption exposes visitors to potential risks and undermines trust. Security headers are minimal, and no advanced security policies or incident response information is provided. Privacy compliance is basic, with a privacy policy page present but no cookie consent mechanism or GDPR-specific notices. Overall, the website is functional and informative but requires significant improvements in security and privacy to meet modern standards.

W

Werner Kolb / KOLB DIGITAL AUDIO

werner-kolb.de

35

Werner Kolb operates a personal brand website focused on music production, performance, and authorship, particularly addressing musicians with tinnitus. The site presents a niche media business with a strong personal touch, targeting a broad audience interested in music and health. The technical infrastructure is based on WordPress with popular plugins like Elementor and Slider Revolution, hosted likely by 1&1 IONOS. While the site is well-structured and content-rich, it lacks a valid SSL certificate, which is a critical security gap. Privacy and cookie policies are comprehensive and GDPR compliant, reflecting good privacy awareness. Social media integration and contact information enhance business credibility. Overall, the site is functional but requires urgent security improvements to protect user data and improve trust.

U

Unisto

unisto.co.uk

26

Unisto is a mature manufacturing company specializing in security seals and brand profiling solutions, operating globally with Swiss quality standards. The website reflects a professional business presence targeting companies requiring security and brand protection products. Technically, the site is built on TYPO3 CMS with modern frontend libraries such as jQuery, Swiper, and Bootstrap, hosted by Fasthosts Internet Ltd. However, the absence of HTTPS/SSL is a critical security flaw that undermines user trust and data protection. Privacy and cookie policies are implemented with a consent mechanism, but direct contact details are limited to forms without explicit emails or phone numbers. Overall, the website is functional and professional but requires urgent security improvements.

W

Welser Profile GmbH

welser.com

32

Welser Profile GmbH is a well-established family-owned manufacturing company specializing in steel and stainless steel profiles, serving various industrial sectors including mobility, energy, and construction. The website presents a professional and content-rich platform with multilingual support and detailed service offerings. Technically, the site uses Apache server technology, HubSpot CMS, and integrates Google Maps and various marketing and analytics tools. However, the absence of a valid SSL certificate and HTTPS support is a critical security weakness, exposing users to potential risks. Security headers are partially implemented but need enhancement. Privacy compliance is well addressed with cookie consent mechanisms and a comprehensive privacy policy. Overall, the site demonstrates good business credibility but requires urgent security improvements.

F

FLOTAINMENT

flotainment.com

37

FLOTAINMENT is a medium-sized Austrian media company established in 1998, specializing in audio production, PR management, design, studio services, and label operations. The company targets clients in the creative and entertainment sectors, offering a diversified portfolio through multiple subdomains representing its key services. The website is built on WordPress with Elementor and integrates Jetpack for analytics and security features. However, the site lacks HTTPS, which is a critical security shortfall. While cookie consent and privacy policies are well implemented and GDPR compliant, the absence of SSL/TLS encryption exposes visitors to potential risks. Contact information is clearly provided, enhancing business credibility. Overall, the digital infrastructure is functional but requires urgent security upgrades to meet modern standards.

A

abss interactive GmbH

abss.at

40

abss interactive GmbH is a well-established Austrian digital agency specializing in custom web development, digital transformation consulting, and tailored software solutions. With nearly 25 years of experience, the company serves a diverse client base ranging from small businesses to large international corporations. Their key services include digitalization, website and e-commerce development, search portals, custom tools, and consulting expertise, with a strong emphasis on accessibility and blockchain technology integration. Technically, the website employs a modern technology stack including Apache server, jQuery, Bootstrap grid, and various JavaScript libraries for enhanced user experience. However, the hosting environment lacks a valid SSL/TLS certificate and does not support modern TLS protocols, which is a significant security concern. The site is mobile-optimized and demonstrates good SEO and accessibility practices, but performance metrics are unavailable. From a security perspective, while several security headers are implemented, the absence of HTTPS and proper SSL configuration severely undermines the site's security posture. No incident response or vulnerability disclosure policies are evident. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Business credibility is strong, supported by certifications, client references, and transparent contact information. Overall, the site is professionally designed and content-rich, but critical security improvements are necessary to protect user data and enhance trust. Strategic recommendations include obtaining a valid SSL certificate, enabling HTTPS, implementing cookie consent, and establishing formal security policies.

ALSO Holding AG operates in the technology sector, primarily focusing on IT distribution and related services. The domain also.nl currently serves as a minimal placeholder that immediately redirects users to the main corporate site also.com, indicating that the primary web presence is maintained elsewhere. The business targets B2B customers and partners within the technology industry, positioning itself as an established player with a large organizational size and international reach. Technically, the site is hosted on Apache servers with managed IP DNS services but lacks modern web infrastructure features such as SSL/TLS encryption, security headers, and performance optimizations. The absence of HTTPS and security best practices represents a significant security risk and lowers trustworthiness. No privacy or cookie policies are present, and no contact information is provided on this domain, which further reduces compliance and user trust. Overall, the domain appears legitimate and consistent with the corporate identity but requires urgent improvements in security and content to meet modern standards.

R

ReinZeit Handels GmbH

reinzeit.com

40

ReinZeit Handels GmbH is an Austrian retail company specializing in eco-friendly cleaning and wellness products, including microfiber cloths, cleaners, laundry detergents, and wellness aroma products. The company emphasizes social responsibility, environmental protection, and Austrian quality standards, targeting consumers interested in sustainable and socially responsible products. Their business model includes direct sales through consultants and an online shop, supported by active social media channels and marketing efforts. Technically, the website is built on WordPress with WooCommerce, using popular plugins such as Yoast SEO and Borlabs Cookie for SEO and privacy compliance. The site is hosted on an Austrian IP and uses Apache server technology. However, performance metrics are not available, and the site is moderately optimized for mobile devices. From a security perspective, the site lacks a valid SSL certificate and proper HTTPS configuration, which is a critical vulnerability. Although some security headers like HSTS and X-Frame-Options are present, the absence of TLS protocols and strong cipher suites significantly weakens the security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site is professionally designed and trustworthy from a business perspective but requires urgent improvements in SSL/TLS security to protect user data and enhance trust. Strategic recommendations include obtaining a valid SSL certificate, enabling modern TLS protocols, and enhancing security best practices.

The website harmann.ch represents a small Swiss law firm operated by Robert Harmann, offering legal services primarily in the Zürich region. The site provides basic information about the firm's practice areas including commercial law, family law, inheritance law, and related legal fields. The business model is that of a traditional law firm targeting local clients seeking legal counsel. The website content is minimal and primarily informational, with no interactive features or detailed contact information visible on the main page. Technically, the site is outdated, using HTML 4.01 Transitional and generated by Adobe GoLive 6, with no modern CMS or frameworks detected. The hosting is provided by Hostpoint, but the site lacks HTTPS, exposing visitors to security risks. Security posture is weak due to absence of SSL/TLS, missing security headers, and no privacy or cookie policies, which also impacts compliance with GDPR and other regulations. Overall, the website presents a low digital maturity level and limited user experience, which may affect trust and professional perception. Strategic improvements in security, privacy compliance, and content quality are recommended to enhance credibility and protect client data.

The website sfwien.at represents a small personal or business presence for an individual named Sven Fuchs, primarily providing contact information such as phone numbers and an email address. The site content is minimal and lacks detailed business descriptions or service offerings, indicating a limited digital footprint and business scope. Technically, the website is hosted on an Apache server with DNS managed by world4you.at, but it lacks modern web technologies and uses outdated Microsoft Word generated HTML, resulting in poor performance and accessibility. Critically, the site does not implement HTTPS, exposing visitors to security risks and undermining trust. No privacy, cookie, or terms of service policies are present, indicating non-compliance with GDPR and other privacy regulations. The domain registration data is consistent and legitimate, with no privacy protection or suspicious patterns detected. Overall, the website's security posture is weak, with no security headers, no TLS support, and no incident response or vulnerability disclosure mechanisms. Strategic improvements are necessary to enhance security, privacy compliance, and technical quality.

The website buron-avocat.fr represents a small legal practice operating in the Forbach and Saarbrücken regions, providing legal services primarily to French and German-speaking clients. The site itself is minimal, serving mainly as a redirect to a localized subdirectory, with very limited content on the landing page. The business appears to be established since 2009, supported by a mature domain registration. However, the digital presence is basic and lacks modern web features or comprehensive business information. From a technical perspective, the website is hosted on an Apache server via IONOS SE, but it lacks HTTPS support and a valid SSL/TLS certificate, which is a significant security concern. The site does not implement security headers or advanced web technologies, and performance data is unavailable, indicating potential slow or unoptimized loading. There is no evidence of analytics or tracking tools, and no privacy or cookie policies are present, which raises compliance concerns. Security posture is weak due to the absence of HTTPS, lack of security headers, and no incident response or vulnerability disclosure information. The domain registration is consistent and mature, but the lack of domain protection locks and security best practices lowers trustworthiness. Overall, the website presents a low security and privacy compliance profile, which could impact user trust and regulatory adherence. Strategic recommendations include immediate implementation of HTTPS with a valid certificate, addition of privacy and cookie policies to comply with GDPR, enhancement of security headers, and inclusion of clear contact information to improve business credibility and user trust.

P

Palfinger AG

palfinger.ag

37

Palfinger AG is a well-established international manufacturer specializing in innovative hydraulic lifting solutions, including cranes, access platforms, and marine equipment. The company holds a strong market position with a large workforce and extensive global manufacturing and sales presence. The website reflects a mature digital infrastructure using Pimcore CMS and Bootstrap framework, with good mobile optimization and accessibility. However, the absence of a valid SSL/TLS certificate and HTTPS implementation represents a critical security vulnerability that undermines user trust and data protection. Privacy and cookie policies are comprehensive and GDPR compliant, supported by OneTrust consent management. The company demonstrates transparency through investor relations, social media engagement, and a vulnerability disclosure policy. Overall, Palfinger AG's website is professional and content-rich but requires urgent security improvements to align with best practices.

C

Constable Alan Rosen

pct1constable.net

51

The website pct1constable.net represents the Harris County Constable's Office Precinct 1, a government law enforcement entity serving residents and visitors of Harris County, Texas. The site provides detailed information about the office's mission, divisions, community programs, and contact information, positioning itself as a trusted local public safety resource. The business model is that of a government service provider focused on law enforcement and community engagement. Technically, the site is built on WordPress with common plugins such as WPBakery Page Builder, Slider Revolution, and Contact Form 7, and integrates Google Analytics for visitor tracking. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security shortfall. Security headers are partially implemented, but modern TLS protocols and HSTS are missing, exposing the site to potential risks. Privacy compliance is weak, with no visible privacy or cookie policies and no consent mechanisms, despite the use of tracking technologies. Overall, the site is functional and informative but requires urgent improvements in security and privacy to meet modern standards.

K

Kontron Technologies GmbH

secureguard.eu

23

Kontron Technologies GmbH is a medium-sized Austrian technology company specializing in Industrial IoT, digitalization, and smart energy solutions. With over 20 years of experience, they provide tailored software development, workforce management, and expert services to optimize business processes. The website is professionally designed, content-rich, and targets B2B clients seeking innovative technology solutions. Technically, the site runs on Drupal 10 with Apache but lacks a valid SSL certificate, exposing it to security risks. Cookie consent and privacy policies are well implemented, ensuring GDPR compliance. However, the absence of HTTPS and modern TLS protocols significantly weakens the security posture. Overall, the domain registration data aligns well with the business claims, indicating legitimacy. Strategic improvements in SSL deployment and security headers are recommended to enhance trust and protect user data.

H

HESS Cash Systems GmbH & Co. KG

hess.de

21

HESS Cash Systems GmbH & Co. KG is a medium-sized German company specializing in cash processing system solutions, serving banks, public institutions, energy providers, libraries, and retail businesses. The company positions itself as a market leader with over 135 years of tradition, offering consulting, development, production, and service. The website reflects a professional B2B business model with clear branding and consistent messaging. Technically, the site uses a TYPO3 CMS platform with modern frontend frameworks like Bootstrap and jQuery, and integrates Google Tag Manager and Cookiebot for analytics and cookie consent. However, the site lacks HTTPS encryption, which is a critical security deficiency. Security headers are minimal, and no explicit security or incident response policies are published. The domain registration and DNS records align well with the parent company Gauselmann Group, supporting legitimacy. Overall, the website is functional and informative but requires urgent security improvements to protect user data and enhance trust.

I

Invenium Data Insights GmbH

invenium.io

26

Invenium Data Insights GmbH is a specialized data analytics company based in Austria focusing on anonymized mobile phone signaling data to provide insights into human mobility patterns. Their services support city planners, transportation authorities, tourism, retail, and event organizers by leveraging AI and big data technologies to optimize mobility and infrastructure planning. The website is professionally designed, content-rich, and GDPR compliant, targeting public and private sector clients who require data-driven decision-making tools. Technically, the site runs on WordPress with modern JavaScript libraries and is hosted on Hetzner servers. However, the lack of a valid SSL certificate and HTTPS significantly weakens the security posture. Privacy compliance is strong with cookie consent mechanisms and a comprehensive privacy policy. Business credibility is supported by testimonials and partner logos. Overall, the site is functional and trustworthy but requires urgent security improvements.

The website maks.at is a small, personal graphic design business site documenting the history and rebranding of the entity now known as apparat.wien. It targets clients and interested parties in the graphic design and branding space, primarily in Austria. The site content is well-structured with a timeline format, providing a narrative of the business evolution from 1988 to 2020. Technically, the site uses Apache hosting with Google Analytics and Google Fonts integration but lacks modern CMS or frameworks. Performance data is unavailable, and mobile optimization is basic. Security posture is weak due to the absence of a valid SSL certificate and HTTPS support, exposing the site to risks and reducing trust. Privacy compliance is poor, with no visible privacy or cookie policies. Business credibility is moderate but limited by lack of contact information and trust signals. Overall, the site is functional but requires significant improvements in security and privacy to meet modern standards.

T

Triple A Aqua Service GmbH

watercooler.at

23

Triple A Aqua Service GmbH operates the website watercooler.at, offering water dispensers and related services primarily in Austria. The company positions itself as a market leader with over 25 years of experience, providing both leased water dispensers and Alpenwasser bottled water delivery. The website is professionally designed using WordPress with the Divi theme and includes comprehensive content, customer testimonials, and social media integration. However, the technical infrastructure shows weaknesses in SSL/TLS configuration, lacking a valid certificate and modern protocols, which poses security risks. Privacy and cookie policies are present and GDPR compliant, with active consent mechanisms. Contact information is clearly provided, enhancing business credibility.

The website ae-net.info represents a small independent consulting business operated by Torsten A�, offering services in project management, marketing, coaching, and business consulting primarily targeting German-speaking clients. The business has a mature domain with 20 years of registration, consistent with the claimed experience and service offerings. The website content is static, primarily informational, and presented in German, with no interactive forms or contact details explicitly provided on the homepage. Technically, the site is hosted on Apache via IONOS SE, uses outdated HTML standards, and lacks modern web technologies or CMS platforms. Performance is slow, and mobile optimization is poor. Security posture is weak due to the absence of HTTPS and security headers, exposing visitors to potential risks. No privacy or cookie policies are present, indicating poor privacy compliance. Overall, the site reflects a basic digital presence with limited technical and security maturity.

The domain cindycut.de is registered and hosted by STRATO but currently serves only a placeholder page indicating the website is not available. There is no active business content, no contact information, and no privacy or security policies present. The technical infrastructure is minimal, with an Apache server serving HTTP content without SSL/TLS encryption. This results in a poor security posture and low trustworthiness. The domain registration is consistent and legitimate, but the lack of active content and security measures suggests the website is inactive or under development. Strategic recommendations include implementing HTTPS, adding privacy and cookie policies, and deploying security headers to improve trust and compliance.

C

CREATE

create.at

25

CREATE is a medium-sized Austrian eLearning company specializing in interactive and immersive digital learning solutions for businesses, academies, and trainers. The company offers a comprehensive range of services including consulting, content creation, learning management systems, and XR learning experiences. Positioned as a multiple award-winning full-service eLearning agency, CREATE targets organizations seeking innovative and tailored digital education solutions. The website reflects a professional and consistent brand image with excellent content quality and user experience.

V

Vela Labs

vela-labs.at

28

Vela Labs GmbH is a GLP and GMP certified contract laboratory specializing in analytical services for pharmaceutical and biotechnology companies. The company supports all phases of drug development with services including physico-chemical analysis, ligand binding assays, cell based assays, microbiological analysis, clinical sample analytics, and GMP storage. As part of the Tentamus Group, Vela Labs positions itself as a trusted partner with strong compliance credentials and a focus on quality and regulatory adherence. The website demonstrates a professional digital presence built on WordPress with SEO and analytics integrations, targeting pharma and biotech professionals. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap that undermines user trust and data protection. Privacy policies and cookie consent mechanisms are well implemented, reflecting GDPR compliance. Overall, the company shows a solid market position but should urgently address its SSL/TLS configuration to improve security posture and user confidence.

The website chavabeijk.nl represents a personal artist site for soprano Chava Beijk, providing information about her musical repertoire, collaborations, and contact details for concerts and singing lessons. The site targets classical music enthusiasts, concert organizers, and students interested in vocal training. The business model is focused on personal promotion and service offerings in the niche classical music sector, with a small scale and localized presence in the Netherlands. Technically, the site is hosted on an Apache server with basic JavaScript for UI interactions and is hosted by Mijndomein. The site lacks modern frameworks, CMS, or advanced performance optimizations, resulting in slow loading and poor mobile optimization. No analytics or tracking technologies are detected, indicating minimal digital maturity. From a security perspective, the site lacks HTTPS and a valid SSL certificate, exposing users to potential risks. No advanced security headers or policies are implemented, and no privacy or cookie policies are present, indicating poor compliance with GDPR and modern privacy standards. The DNS configuration is basic with SPF but lacks DNSSEC and CAA records. Overall, the security posture is weak, with critical recommendations needed to improve encryption and security headers. Overall, the site is functional for its purpose but requires urgent improvements in security and privacy compliance to enhance trustworthiness and protect visitors. The lack of HTTPS is a critical issue that significantly lowers the security score and overall AI rating.

H

Heller Consult Tax & Business Solutions GmbH

hellerconsult.com

27

Heller Consult Tax & Business Solutions GmbH is a Vienna-based tax and business consulting firm targeting entrepreneurs and businesses primarily in Austria. The company offers a range of services including tax consulting, accounting, business consulting, digital booking, and client portals. Their market position is that of a small but professional local firm with an international network partner, InterGest® Austria, supporting clients with expansion needs. The website is well structured, professionally designed, and provides clear contact channels and trust indicators such as customer testimonials and a ProvenExpert rating widget. Technically, the site is built on TYPO3 CMS with UIkit framework and integrates analytics tools like Google Tag Manager and Hotjar. However, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical security vulnerability. Cookie consent and privacy policies are well implemented and GDPR compliant. Overall, the business presents a credible and professional image but must urgently address its SSL/TLS deficiencies to improve security and trust.

M

Maschinenring Schweiz

maschinenring.ch

26

Maschinenring Schweiz is a Swiss umbrella organization dedicated to fostering inter-company collaboration in agriculture. It connects members, organizes purchasing cooperatives, and offers various services to support agricultural businesses. The website is professionally designed using TYPO3 CMS and hosted on Hostpoint, with a clear structure and multilingual support. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the site's security posture. Privacy and cookie policies are well implemented with consent mechanisms, and social media presence is established on Facebook and Instagram. Overall, the site reflects a medium-sized, established non-profit entity with a strong community focus but requires urgent security improvements.

D

DAXNER GmbH

daxner.at

40

DAXNER GmbH is a medium-sized Austrian manufacturing company specializing in bulk material technology and engineering solutions for various industrial sectors including food, chemical, and non-food industries. The company has a strong market position as an internationally leading provider with a comprehensive portfolio of products and services such as engineering, production, assembly, and control technology. Their website reflects a professional and well-structured digital presence with excellent content quality and SEO optimization. Technically, the site is built on WordPress with modern plugins and scripts, but lacks a valid SSL certificate and proper HTTPS configuration, which is a significant security concern. Security headers are well implemented, but the absence of TLS protocols and session resumption reduces the overall security posture. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Contact information and social media presence enhance business credibility. Overall, the website is trustworthy and professional but requires urgent improvements in SSL/TLS security to protect user data and improve trust.

C

conova communications GmbH

conova.com

40

conova communications GmbH is a well-established Austrian IT service provider specializing in tailored IT solutions including data center services, managed hosting, cloud, virtualization, and security. Founded in 1988, conova positions itself as a strategic partner for businesses requiring high availability and secure IT infrastructure, primarily serving the Austrian market with international reach. The company operates its own data centers and offers hybrid cloud solutions, emphasizing data sovereignty and security. The website reflects a mature digital presence with comprehensive service descriptions, customer testimonials, and certifications such as ISO 27001 and EN 50600, reinforcing its market credibility. Technically, the website is built on WordPress with modern plugins like Slider Revolution and Borlabs Cookie for cookie management, and integrates marketing tools such as HubSpot. The site is mobile-optimized and SEO-friendly, with structured data and Open Graph metadata enhancing search visibility. However, the absence of a valid SSL/TLS certificate and disabled TLS protocols represent significant security shortcomings, undermining the otherwise strong security posture indicated by HTTP headers and certifications. Security-wise, conova demonstrates good practices with multiple security headers and GDPR-compliant privacy and cookie policies. Yet, the lack of HTTPS and modern TLS support is a critical vulnerability that must be addressed urgently to protect data in transit and maintain trust. No incident response or vulnerability disclosure information was found, suggesting an area for improvement in transparency and security readiness. Overall, conova presents a professional and trustworthy business with strong market positioning and technical maturity, but the critical SSL/TLS issues pose a risk that could impact customer confidence and compliance. Strategic remediation of these security gaps is recommended to align the website's security posture with its business reputation.

M

Mondial GmbH & Co. KG

mondial-congress.com

37

Mondial GmbH & Co. KG is a medium-sized Austrian company specializing in congress and event management services, including green meetings, virtual events, and travel management. The company holds several industry certifications and maintains a multilingual, content-rich website targeting organizations seeking professional event solutions. Technically, the website is built on WordPress with modern libraries but lacks a valid SSL certificate, resulting in a critical security gap. The absence of HTTPS and security headers exposes users to risks and reduces trust. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site demonstrates good business credibility and content quality but requires urgent security improvements to meet modern standards.

S

Stryker

stryker.com

40

Stryker is a large multinational healthcare company specializing in medical devices and healthcare solutions, serving a global audience including healthcare professionals and patients. The website serves as an international homepage with localized country sites, reflecting a broad global presence. Technically, the site is built on Adobe Experience Manager and hosted via AWS CloudFront, utilizing various marketing and analytics technologies such as Adobe DTM, Google Analytics, and Marketo. However, the website lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security deficiency. Security headers are implemented but cannot compensate for the absence of HTTPS. Privacy and cookie policies are not found, and no explicit contact information is provided on the homepage, which impacts privacy compliance and user trust. Overall, the site demonstrates moderate business credibility but requires urgent improvements in security and privacy compliance to meet modern standards.

O

OBLIN Rechtsanwälte GmbH

oblin.at

26

OBLIN Rechtsanwälte GmbH is a specialized international law firm focusing on arbitration, litigation, and dispute resolution based in Austria and Germany. The firm targets businesses engaged in cross-border disputes and white collar crime matters, positioning itself as a leading boutique legal service provider with a strong international network and multiple awards. The website reflects a professional and consistent brand image with comprehensive content about their expertise and team. Technically, the website is built on TYPO3 CMS and served via Apache, with good mobile optimization and SEO practices. However, the absence of a valid SSL certificate and HTTPS support is a critical security flaw that undermines user trust and data protection. Security headers are partially implemented, but modern TLS protocols and HSTS are missing. Privacy compliance is partially met with a privacy policy present but no cookie consent mechanism. Overall, the site demonstrates good business credibility but requires urgent security improvements.

D

DIE FLIEGENDEN KÖCHE GMBH

fliegende-koeche.com

25

DIE FLIEGENDEN KÖCHE GMBH operates Austria's largest chefs agency, providing professional kitchen staff placement services nationally and internationally since 2007. The company targets gastronomy businesses such as restaurants and hotels, offering temporary and permanent staffing solutions including various chef roles. Their market position is strong within Austria, supported by over a decade of experience and multiple regional offices. Technically, the website is built on WordPress with common plugins and libraries but suffers from critical security shortcomings, notably the absence of a valid SSL certificate and use of outdated PHP. The site includes privacy and cookie policies with consent mechanisms, but lacks explicit security or incident response policies. Overall, the business credibility is good, but the security posture is weak, exposing the site to risks. Strategic improvements in HTTPS deployment, server software updates, and security headers are recommended to enhance trust and compliance.

M

MedMedia Group

medmedia.ie

38

MedMedia Group is a specialist healthcare communications and marketing agency based in Ireland, focusing on delivering publishing expertise combined with design, digital innovation, and marketing services tailored to the healthcare sector. Their market position is that of a niche provider serving healthcare clients with a broad spectrum of services including publications, web and mobile development, brand identity, and event management. The website content is professional and well-structured, targeting healthcare organizations in Ireland. Technically, the website runs on an Apache server with a Foundation CSS framework and uses several JavaScript libraries including jQuery 1.11.0, Font Awesome, and Animate.css. Google Analytics is integrated for user tracking. However, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security and trust issue. Performance data is missing but inferred to be slow, and mobile optimization is basic. SEO and accessibility features are present but minimal. From a security perspective, the site has some security headers configured but fails to provide a valid SSL/TLS configuration, exposing users to risks. There are no visible privacy or cookie policies, and no incident response or vulnerability disclosure information is provided. The absence of GDPR compliance indicators and cookie consent mechanisms further weakens the privacy posture. Overall, the website demonstrates moderate business credibility and good content quality but suffers from critical security shortcomings due to lack of HTTPS and privacy compliance. Strategic improvements in SSL configuration, privacy policies, and updated technology stacks are recommended to enhance trust and security.

E

EC2U

ec2u.eu

40

EC2U is a European educational alliance focused on collaboration among city universities, providing joint academic programs, mobility opportunities, and research initiatives. The website targets students, staff, researchers, and citizens, offering multilingual content and resources. Technically, the site is built on WordPress with a modern tech stack including jQuery and various plugins, hosted via Gandi. While the site has good design, accessibility, and SEO practices, it critically lacks a valid SSL certificate, exposing users to security risks. Security headers are present but their effectiveness is diminished without HTTPS. Privacy and cookie policies are implemented with consent mechanisms, supporting GDPR compliance. Overall, the domain registration is consistent and trustworthy, with active social media presence enhancing credibility.

A

AIM Group International

aimgroupinternational.com

35

AIM Group International is a medium-sized service provider specializing in event management, digital communication, and consultancy services primarily targeting companies and associations. The company offers a broad portfolio including conference management, virtual and hybrid events, healthcare meetings, digital marketing, and consultancy services. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the site is built on WordPress with modern libraries and plugins, hosted on Amazon AWS infrastructure. However, the website lacks a valid SSL certificate and does not support HTTPS, which significantly impacts its security posture. While cookie consent and privacy policies are implemented and GDPR compliant, the absence of HTTPS and security headers exposes the site to risks. Overall, the business appears legitimate and well-established with active social media presence and trust indicators such as an annual report and newsletter. Strategic improvements in security configuration are recommended to enhance trust and compliance.

H

Hilfswerk Österreich

hilfswerk.at

36

Hilfswerk Österreich is a large, well-established non-profit organization providing extensive health, social, and family services across Austria. The website reflects a professional and comprehensive digital presence, targeting a broad audience including elderly people, children, families, and caregivers. The organization maintains a strong market position as one of Austria's leading providers in its sector, supported by government funding and a wide range of services. Technically, the website is built on TYPO3 CMS with modern frontend libraries and includes accessibility and SEO best practices. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which significantly undermines the site's security posture. Privacy compliance is well addressed with clear cookie consent mechanisms and a comprehensive privacy policy. Overall, the site demonstrates high professionalism and trustworthiness but urgently requires SSL implementation to mitigate security risks.

The website at fsm-alliance.com is minimally developed with no meaningful content or business information presented. The site primarily serves tracking pixels and advertising scripts without any visible privacy, cookie, or terms of service policies. The domain is registered but lacks DNS records and does not have a valid SSL/TLS certificate, resulting in an insecure HTTP-only connection. These factors indicate a low level of digital maturity and poor security posture. The absence of contact information and business details further reduces trust and credibility. Overall, the site appears inactive or underdeveloped, posing significant risks for users and visitors.

N

Ninefeb

ninefeb.com

37

Ninefeb is a European service provider specializing in technical documentation, eLearning, consulting, and personnel services. The company operates primarily in Austria with a subsidiary in the UK, targeting businesses requiring comprehensive technical communication support. The website presents a professional image with clear service offerings and client testimonials, positioning Ninefeb as a trusted partner in its niche. Technically, the site is built on WordPress using the Avada theme and Yoast SEO plugin, indicating a modern CMS approach but lacks HTTPS support, which is a significant security concern. The absence of a valid SSL certificate exposes users to potential data interception risks and undermines trust. Privacy compliance is well addressed with a clear cookie consent mechanism and a comprehensive privacy policy. Overall, the site is functional and professional but requires urgent security improvements to meet modern standards.

I

InfoMatrix Technologies Pvt. Ltd.

infomatrix.com

23

InfoMatrix Technologies Pvt. Ltd. is a small Indian IT services company specializing in web design, software development, ecommerce solutions, SEO, and hosting services primarily targeting clients in Noida and Delhi/NCR. The company has an established regional presence with repeat business and a focus on customer satisfaction. Technically, the website is built on an outdated Joomla 1.5 CMS platform hosted on Apache servers without HTTPS enabled, which exposes users to security risks. The site includes basic SEO and accessibility features but lacks modern performance optimizations and mobile responsiveness. Security posture is weak due to absence of SSL/TLS, missing security headers, and no published security or incident response policies. Privacy compliance is minimal with no cookie consent mechanism despite use of Google Analytics tracking. Overall, the website presents a basic professional front but requires significant improvements in security, privacy, and technical modernization to meet current standards.

Semmelrock, a brand under Wienerberger AG, specializes in manufacturing and distributing high-quality concrete paving and landscaping products across Central and Eastern Europe, with a strong presence in Romania. The website reflects a mature business with consistent branding and a focus on sustainability and innovation. Technically, the site is built on Adobe Experience Manager and integrates marketing tools like Google Tag Manager and Cookiebot for consent management. However, the absence of a valid SSL certificate and HTTPS significantly weakens the security posture, exposing users to potential risks. Privacy compliance is basic, with privacy and cookie policies present but lacking explicit GDPR compliance details. Contact information is limited to a contact form without visible emails or phone numbers, which may affect user trust. Overall, the site is professional and content-rich but requires urgent security improvements to align with modern standards.

J

Job-TransFair gemeinnützige GmbH

jobtransfair.at

27

Job-TransFair gemeinnützige GmbH is a Vienna-based non-profit organization dedicated to supporting disadvantaged individuals in the labor market by facilitating permanent employment opportunities. The organization collaborates with a large network of partner companies and receives financial support from the AMS Wien and the City of Vienna. Their website provides comprehensive information about their services, success stories, and job offers, targeting both job seekers and employers. The content is well-structured, professionally presented, and primarily in German. Technically, the site is built on the Contao CMS platform with modern frontend technologies like Bootstrap and jQuery, but suffers from a critical lack of HTTPS support due to an invalid or missing SSL certificate, which significantly impacts its security posture. Privacy compliance is strong, with Cookiebot implemented for consent management and clear privacy and cookie policies. The site also integrates Google Tag Manager for analytics and marketing purposes. Overall, the business is credible and transparent, with clear contact information and trust indicators such as certifications and partnerships.

E

ERSTE Immobilien Kapitalanlagegesellschaft m.b.H.

ersteimmobilien.at

40

ERSTE Immobilien KAG operates as a specialized real estate investment fund manager focusing on Austrian and German residential and commercial properties with a strong emphasis on sustainability and ethical investment principles. The website reflects a mature digital presence with modern JavaScript frameworks and CDN usage, providing a good user experience and clear business information. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the security posture, exposing users to potential risks. Legal and compliance documentation is comprehensive and accessible, supporting regulatory adherence. Overall, the business demonstrates credibility and professionalism but must urgently address critical security gaps to protect user data and maintain trust.

A

ADMIRAL Entertainment Holding Germany GmbH

admiral-games.de

40

ADMIRAL Entertainment Holding Germany GmbH operates as a prominent gaming and entertainment company in Germany, specializing in the operation of modern game halls and providing a wide range of gaming machines and services. As part of the reputable NOVOMATIC AG group, ADMIRAL leverages both tradition and innovation to deliver unique leisure experiences to its customers. The website reflects a professional and consistent brand image targeting German-speaking audiences, with clear navigation and relevant business content. Technically, the site is built on TYPO3 CMS and uses modern frameworks like Bootstrap, but suffers from critical security shortcomings due to the lack of a valid SSL certificate and HTTPS support. Security headers are implemented, and cookie consent mechanisms are in place, indicating a basic level of privacy compliance. However, the absence of HTTPS significantly undermines the site's security posture. Overall, the business appears legitimate and well-established, with clear contact information and social media presence, but the technical security gaps present a risk that should be addressed promptly.

The website represents a small private psychotherapy practice operated by Darchelle Worley MA, LMHC, based in Seattle, Washington. The business focuses on providing individual and group therapy services to adults and adolescents, emphasizing present-focused change and healing from past traumas. The site content is relevant and consistent with the healthcare sector, targeting clients seeking mental health support. Technically, the website is built on a legacy stack using Apache server and older versions of jQuery. It lacks a CMS and modern web technologies, resulting in basic mobile optimization and slow performance. The site is served over HTTP without a valid SSL certificate, which is a significant security concern. Google Analytics is used for tracking, but no privacy or cookie policies are present, indicating poor privacy compliance. From a security perspective, the absence of HTTPS, lack of security headers, and missing DNS security features such as DNSSEC and CAA records expose the site to risks. No incident response or security policies are published, and no forms are present to collect user data, reducing attack surface but also limiting user engagement. The domain's DNS records are incomplete or missing, and no SSL certificate is installed, which undermines trust and legitimacy. Overall, the website scores low on security and privacy compliance, moderate on business credibility and content quality, and basic on technical implementation. Strategic improvements in SSL deployment, privacy policy publication, and security header implementation are critical to enhance trust and compliance.

L

LKB

lkb.eu

23

LKB is a small healthcare-focused company based in Austria, specializing in the supply and distribution of life science and routine medical diagnostics products. The company holds ISO 9001 certification and emphasizes customer and technical support, targeting laboratories and medical diagnostics professionals. The website presents a professional design with clear navigation and relevant content, supporting the company's market position as a trusted supplier in the region. Technically, the website uses modern frontend technologies such as Bootstrap 5 and jQuery, hosted on SuperHosting.bg, but lacks HTTPS support and advanced security configurations, which significantly impacts its security posture. The absence of SSL/TLS encryption and security headers exposes the site to risks and undermines user trust. Privacy compliance is minimal, with a privacy policy present but no cookie policy or consent mechanisms. Contact information is comprehensive and clearly displayed, enhancing business credibility. Overall, while the business and website demonstrate professionalism and market relevance, critical security improvements are necessary to protect users and data.

Thefundwell.com is currently an expired and parked domain with no active website content or business presence. The site serves only a parking page with advertising scripts from Network Solutions and smartsearchresults.net, indicating it is not operational as a business website. There is no privacy policy, cookie policy, terms of service, or contact information available, which further confirms the lack of active management or legitimate business operations. Technically, the site is served over HTTP without any SSL/TLS certificate, exposing visitors to security risks. The absence of security headers, DNSSEC, and other best practices highlights a poor security posture. Overall, the domain is inactive and presents a high risk for users, with no trust or credibility indicators.

A

AMAG Austria Metall AG

amag.at

27

AMAG Austria Metall AG is a well-established Austrian manufacturer specializing in environmentally friendly and future-oriented aluminium products and solutions. The company serves various industries including automotive, aerospace, industrial goods, and consumer goods, positioning itself as a leader in the aluminium manufacturing sector. Their website provides comprehensive information about their products, corporate values, investor relations, media, and career opportunities, targeting business customers and industry partners. The digital infrastructure is based on TYPO3 CMS with integration of modern frontend frameworks and analytics tools such as Matomo and Cookiebot for privacy compliance. However, the absence of a valid SSL certificate and HTTPS implementation significantly weakens the security posture. While security headers like Content Security Policy and X-Content-Type-Options are present, critical improvements are needed to secure data transmission and enhance trust. Overall, the website is professional and content-rich but requires urgent security upgrades to meet modern standards.

hoog.at is a small, community-driven alternative social network and blog platform primarily focused on social activism, photography, and personal projects by Wolf Hoog and collaborators. The website targets a German-speaking audience interested in social causes and alternative culture. It leverages WordPress with BuddyPress and ActivityPub plugins to provide social networking features and content sharing. The site has a moderate market position within its niche and maintains a consistent, good-quality content offering with active social media channels. Technically, the site runs on Apache and is hosted by easyname.eu, but suffers from a lack of valid SSL/TLS certificates, resulting in insecure HTTP connections. Performance data is missing, and mobile optimization is basic. Security posture is weak due to missing HTTPS, lack of strong security headers, and no modern TLS protocols enabled. Privacy compliance is minimal, with a privacy policy present but no cookie consent mechanism or GDPR compliance indicators. Business credibility is moderate, supported by consistent domain registration and social media presence but limited direct contact information. Overall, the site is functional but requires significant security and privacy improvements to enhance user trust and compliance.

O

Ovotherm International Handels GmbH

ovotherm.com

28

Ovotherm International Handels GmbH is a medium-sized Austrian manufacturing company established in 1969, specializing in eco-friendly clear egg packaging made from recycled PET waste. The company positions itself as the global market leader in the egg packaging industry, targeting businesses within the egg supply chain. Their website reflects a professional and consistent brand image, offering detailed product information, environmental benefits, and company insights. Technically, the site uses the ProcessWire CMS with modern frontend libraries such as GSAP and Tailwind CSS, providing a good user experience and mobile optimization. However, the website critically lacks a valid SSL/TLS certificate, resulting in no HTTPS support and weak security posture. Privacy and cookie policies are present and GDPR compliant, and contact information is clearly provided, enhancing business credibility. Social media presence on Facebook, Instagram, and LinkedIn supports trust and engagement.