Security Directory

A

Allnex GMBH

allnex.com

40

Allnex GmbH is a global leader in the manufacturing of industrial coating resins, adhesives, sealants, and specialty coatings. The company targets industrial manufacturers and formulators in the chemical and coatings industries, offering a broad portfolio of products and technical support. The website reflects a mature enterprise-grade digital presence with comprehensive content, clear navigation, and multi-language support, indicating a global market reach. Technically, the site is built on ASP.NET with Kentico CMS, hosted likely on Microsoft Azure, and employs modern web technologies including lazy loading and SVG icons. However, the security posture is weak due to an invalid SSL certificate and lack of TLS protocol support, which critically impacts trust and data protection. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site is professional and trustworthy but requires urgent security improvements to ensure safe user interactions and data protection.

T

traffic3 GmbH

traffic3.net

25

traffic3 GmbH is a specialized online marketing agency based in Vienna, Austria, focusing on performance marketing services such as Google Ads, SEO, web analytics, video and social ads, programmatic advertising, and conversion optimization. The company holds reputable certifications including Google Ads Premier Partner and Google Analytics Certified Service Partner, positioning it as a trusted player in the digital marketing sector. The website content is rich, professionally designed, and targets businesses seeking expert online marketing solutions primarily in Austria. Technically, the website employs modern JavaScript and consent management tools but lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security shortfall. Performance is slow, with a page load time exceeding 14 seconds, which may affect user experience. Privacy compliance is well addressed with comprehensive policies and a consent mechanism in place. Contact information is clearly presented, enhancing business credibility. Overall, the site demonstrates strong business legitimacy but requires urgent security improvements.

The website amiraair.at is currently a parked domain landing page with no active business content or services. It primarily serves as a domain for sale advertisement, targeting potential domain buyers or investors. The site lacks any company branding, contact information, or business descriptions, indicating it is not currently used for commercial operations. Technically, the site is hosted on Hetzner Online with nginx and Caddy components, and uses several advertising and tracking scripts from parkingcrew.net and Google Adsense Domains CAF. However, the site lacks HTTPS support and has no valid SSL certificate, exposing it to security risks and reducing user trust. Security headers and best practices are minimal or absent, and no privacy or cookie consent mechanisms are implemented beyond a basic privacy policy link. Overall, the site’s security posture is weak, and its technical and content quality is poor, reflecting its status as a parked domain rather than an active business website.

S

SK Rapid

skrapid.at

22

SK Rapid's official website serves as a digital hub for the Austrian football club, providing fans with access to news, podcasts, merchandise, ticket sales, and video content. The site demonstrates a solid market position as a leading sports organization in Austria with a well-established brand and multiple sponsorship partnerships. Technically, the website is hosted on nginx servers with a modern JavaScript-based frontend and integrates third-party services such as Google Tag Manager and OneTrust for cookie consent management. However, the absence of HTTPS and a valid SSL certificate significantly undermines the site's security posture, exposing users to potential risks. The site lacks explicit privacy and terms of service policies, which impacts compliance with GDPR and other privacy regulations. Overall, while the business presence and content quality are good, critical security and privacy gaps require urgent attention to protect users and enhance trust.

K

KOHLBACH

kohlbach.at

34

KOHLBACH is a company specializing in biomass energy solutions, targeting businesses and organizations interested in sustainable energy production. The website presents a basic digital presence with minimal content and limited business information. The technical infrastructure uses modern JavaScript frameworks such as React and integrates third-party services like CookiePro for cookie consent and Google Tag Manager for analytics. However, the website lacks HTTPS, which is a critical security deficiency, and does not provide privacy policies or contact information, limiting trust and compliance. Security posture is weak due to missing SSL, lack of security headers beyond Content-Security-Policy, and absence of domain security features like DMARC and DNSSEC. Overall, the site is functional but requires significant improvements in security and compliance to meet industry standards.

S

Stork

stork.com

40

Stork is an established industrial services company focused on asset management, maintenance, and consultancy primarily in the energy and process industries. Recently acquired by Bilfinger, Stork operates under its umbrella in several key countries including Belgium, the Netherlands, Germany, and the USA. The website presents a comprehensive overview of their services and global presence, targeting industrial clients seeking lifecycle asset support. Technically, the site uses modern React technology but suffers from slow load times and lacks a valid SSL certificate, which impacts its security posture. Privacy compliance is well addressed with clear cookie and privacy policies including consent mechanisms. However, explicit contact details like emails and phone numbers are not readily available, relying mainly on contact forms. Overall, the site is professional and trustworthy but would benefit from improved security configurations and performance optimizations.

D

Dr. Andreas Riedler Facharzt für HNO, Kopf- und Halschirurgie

der-hno-arzt.at

40

Dr. Andreas Riedler operates a specialized ENT medical practice based in Wels, Austria, providing comprehensive ear, nose, and throat healthcare services including examinations, therapies, and surgeries. The website targets local patients seeking trusted medical care and emphasizes personalized patient relationships and appointment scheduling. Technically, the website is built on a CMS platform (ZMS) with standard web technologies and integrates Matomo analytics for user behavior tracking with privacy opt-out features. However, the absence of a valid SSL certificate and lack of modern TLS protocols represent significant security weaknesses that undermine user trust and data protection. Privacy and cookie policies are present but basic, and no terms of service or incident response policies are published. Overall, the website is functional and professionally presented but requires urgent security improvements to meet modern standards.

S

SonnenMoor

sonnenmoor.at

40

SonnenMoor is an established Austrian family-owned business specializing in natural health products and remedies, operating since 1972. The company leverages a Shopify-based e-commerce platform to serve both retail consumers and business partners, with a strong focus on natural, herbal, and moor-based products. The website is professionally designed, content-rich, and provides comprehensive contact and support information, including personal consultation services. Technically, the site uses modern e-commerce technologies and integrates multiple marketing and analytics tools with GDPR-compliant consent mechanisms. However, a critical security issue is the lack of a valid SSL certificate and disabled TLS protocols, which significantly impacts the security posture and user trust. The domain registration data aligns well with the business claims, indicating legitimacy and consistency. Strategic improvements in SSL/TLS configuration are essential to enhance security and trust.

L

Lidl Österreich

lidl.at

40

Lidl Österreich operates a comprehensive retail website offering a wide range of products including food, household items, garden supplies, fashion, and more. The site features extensive promotional content, including weekly offers and loyalty programs such as Lidl Plus. The company holds a strong market position in Austria as a leading discount supermarket chain, supported by a consistent and professional brand presence. Technically, the website employs modern technologies like Vue.js and is hosted on a robust infrastructure with Akamai DNS services. However, a critical security issue is the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the site's security posture. Despite this, the site implements several security headers and content security policies, indicating a focus on security best practices. Privacy compliance is well addressed with clear privacy and cookie policies, including consent mechanisms. Overall, the site is professional and trustworthy but must urgently address the SSL deficiency to ensure secure user interactions.

O

OC Oerlikon Management AG

oerlikon.com

40

OC Oerlikon Management AG is a global industrial technology leader specializing in surface technologies, advanced materials, and additive manufacturing solutions. The company serves key growth markets including automotive, aerospace, energy, tooling, and luxury sectors through a portfolio of subsidiaries and partner brands. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistency. However, the technical infrastructure shows critical security weaknesses, notably the absence of a valid SSL certificate and HTTPS support, which poses significant risks to user trust and data security. Privacy compliance is well addressed with a robust cookie consent mechanism and clear privacy policies. Overall, the business demonstrates high legitimacy and market positioning but requires urgent improvements in security posture to align with best practices.

Y

YES BANK

yesbank.in

40

YES BANK is a major Indian financial institution providing a range of banking services including retail, corporate, and investment banking. The website content analyzed is minimal and primarily technical, with no visible privacy or cookie policies, contact information, or user-facing content. The domain and DNS data confirm the legitimacy of the bank's online presence. Technically, the site uses Oracle Cloud infrastructure and Akamai CDN, with multiple third-party analytics and advertising integrations. However, the absence of a valid SSL certificate is a critical security flaw, severely impacting the site's security posture and user trust. Security headers are well configured but cannot compensate for the lack of HTTPS. Privacy compliance is poor due to missing policies and consent mechanisms. Overall, the site requires urgent remediation of SSL issues and improved transparency in privacy and contact information to meet industry standards.

I

Istmobil

istmobil.at

35

Istmobil.at is an independent informational website focused on providing detailed reviews, guides, and affiliate referrals related to mobile casinos and online gambling targeted at Austrian players. The site offers comprehensive content on casino apps, bonuses, payment methods, and gaming options, positioning itself as a niche media player in the online gambling affiliate space. Technically, the site is hosted behind Cloudflare and uses standard web technologies including HTML5, CSS3, and JavaScript, with Google Fonts for typography. However, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical security deficiency. This significantly impacts the site's security posture and user trust. Privacy compliance is minimal, with no visible cookie consent mechanism and only basic privacy and terms of service pages linked in the footer. The site uses Matomo analytics and affiliate marketing links to partner casino domains. Overall, while content quality and business credibility are moderate to good, the lack of HTTPS and modern security practices present a major risk. Strategic improvements in security and privacy compliance are essential to enhance trust and protect users.

E

Emerson Electric Co.

flexim.com

40

The website flexim.com serves as a comprehensive brand page for Flexim, a division of Emerson Electric Co., specializing in non-intrusive, clamp-on ultrasonic flow meters for liquids, gases, and steam. The site positions Flexim as an industry leader with a strong focus on industrial and energy sectors, offering a wide range of products, services, and customer support resources. The content is rich, professionally designed, and well-structured, targeting industrial customers and professionals seeking advanced flow measurement solutions. Technically, the site employs modern web technologies including Bootstrap, Google Tag Manager, and Visual Website Optimizer, hosted behind Cloudflare for performance and security. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, significantly impacting the site's security posture. Privacy and compliance measures are well addressed with clear privacy and cookie policies, and incident response channels are available. Overall, the site demonstrates high business credibility and digital maturity but requires urgent remediation of its SSL/TLS configuration to ensure secure user interactions and maintain trust.

C

Campaigning Bureau

campaigning-bureau.com

24

Campaigning Bureau is a well-established political campaigning agency based in Austria with offices in Vienna and Berlin. They specialize in movement campaigning, political communication, stakeholder mobilization, and ESG communication, serving political actors, companies, NGOs, and organizations. The company holds a strong market position in Europe, supported by international awards and recognition as a top employer. Technically, the website employs modern tracking and consent management tools such as Google Tag Manager and Truendo CMP, but suffers from slow load times and lacks a valid SSL certificate, which impacts security and user trust. The security posture is basic with no HTTPS and missing security headers, representing a critical vulnerability. Privacy compliance is well addressed with clear cookie consent mechanisms and comprehensive privacy policies. Contact information is transparent and complete, enhancing business credibility. Overall, the website is professional and content-rich but requires urgent security improvements to protect user data and improve trust.

B

BFI Salzburg BildungsGmbH

bfi-sbg.at

36

BFI Salzburg BildungsGmbH is a prominent educational institution in Salzburg, Austria, offering a wide range of courses, certifications, and educational services targeting individuals and companies seeking professional development. The website demonstrates a comprehensive and well-structured presentation of their offerings, including course programs, school qualifications, health and nursing professions, and corporate services. The digital infrastructure is built on Pimcore CMS and served via nginx, with Matomo analytics implemented for privacy-conscious user tracking. However, the absence of a valid SSL/TLS certificate and HTTPS significantly undermines the site's security posture, exposing users to potential risks. Privacy policies and cookie consent mechanisms are well implemented, reflecting GDPR compliance. Overall, the site is professional and trustworthy but requires urgent security improvements.

M

Microlife AG

microlife.ch

37

Microlife AG is a well-established Swiss company specializing in the development and production of medical diagnostic devices such as blood pressure monitors, thermometers, and respiratory therapy equipment. The company holds a strong market position as a world leader in healthcare technology, targeting both home users and healthcare institutions. Their website reflects a professional and consistent brand image with multilingual support and a comprehensive product portfolio. Technically, the website uses modern JavaScript and tracking tools but lacks a valid SSL certificate, which is a significant security concern. The absence of HTTPS undermines user trust and exposes data to interception risks. Privacy compliance is well addressed with a cookie consent mechanism and clear privacy policies. However, no explicit security or incident response policies are publicly available. Overall, the site is functional and informative but requires urgent security improvements to align with best practices and user expectations.

E

Englisch Dekor

englisch.at

40

Englisch Dekor is a well-established Austrian company specializing in the manufacturing and supply of flame-retardant furniture fabrics, curtains, and decorative textiles primarily for the hospitality, gastronomy, and healthcare sectors. With a history dating back to 1866, the company holds a leading position in the European market, offering a wide range of functional and sustainable textile solutions. Their business model focuses on B2B sales supported by a comprehensive global network of sales representatives and an online webshop. Technically, the website is built on TYPO3 CMS and hosted on Apache servers managed by internex.at. The site features modern interactive elements such as global contact maps and language selection, with good mobile optimization and accessibility. However, performance metrics indicate slow loading times, which could be improved. From a security perspective, the site lacks a valid SSL certificate and does not support modern TLS protocols, which is a critical vulnerability. While several security headers are present, the absence of HTTPS significantly impacts the overall security posture. The site implements a cookie consent mechanism with detailed cookie information, indicating good privacy compliance. Contact information is comprehensive and includes multiple regional sales contacts. Overall, the website is professionally designed and content-rich, reflecting a mature business with strong market presence. However, the lack of proper SSL/TLS configuration poses a significant risk that should be addressed promptly to ensure secure communications and maintain trust.

B

Breitenfeld Edelstahl AG

breitenfeld.at

40

Breitenfeld Edelstahl AG is a well-established Austrian manufacturer specializing in high-quality stainless steel and forged products, serving metal processing companies primarily in the manufacturing, energy, and transportation sectors. The company emphasizes environmentally friendly steel production using electric steelmaking processes and holds recognized certifications such as EN 9100, ISO 9001, and ISO 14001. Their digital presence is built on the HubSpot CMS platform, leveraging Cloudflare for hosting and content delivery. While the website is professionally designed with good content quality and navigation, there is a critical security gap due to the absence of a valid SSL certificate and HTTPS enforcement, which poses risks to user data confidentiality and trust. Privacy compliance is basic, with no visible cookie consent mechanisms or detailed privacy policies on the main site. Overall, the business credibility is high, supported by certifications and a consistent brand presence, but technical and security improvements are necessary to enhance trust and compliance.

A

AirPlus

airplus.com

40

AirPlus operates as a global enterprise specializing in corporate travel payment and expense management solutions. The company targets business travelers and corporate clients worldwide, offering localized website versions for multiple countries and languages. The business model focuses on B2B services within the transportation sector, positioning AirPlus as an established player in the corporate travel payment industry. Technically, the website is hosted on an Apache server with Akamai CDN support, utilizing JavaScript and Bootstrap frameworks for frontend presentation. While the site offers multilingual support and country-specific content, performance metrics are not provided, and the site shows basic mobile optimization and accessibility features. The technical stack is modern but lacks advanced CMS or platform indicators. From a security perspective, the website lacks a valid SSL certificate and does not enable any TLS protocols, which is a critical vulnerability. Although several security headers are present, some important protections like X-XSS-Protection are disabled, and HSTS is not fully configured. The site uses multiple external tracking and advertising services, leading to extensive user tracking without visible privacy or cookie policies, indicating poor privacy compliance. Overall, the website demonstrates moderate business credibility but suffers from significant security and privacy shortcomings. Strategic improvements in SSL/TLS configuration, privacy policy implementation, and security header enhancements are essential to reduce risk and improve trustworthiness.

S

Studio Snap

studiosnap.ca

38

Studio Snap is a small photography service business with a website built on the GoDaddy Website Builder platform. The site presents a simple business description emphasizing timeless photography and friendly service, targeting local photography clients. The technical infrastructure relies on GoDaddy hosting and includes Google reCAPTCHA for form protection. However, the website lacks a valid SSL certificate and does not support HTTPS, which is a critical security shortfall. No privacy policy or terms of service pages are present, and contact information is limited to a contact form without direct emails or phone numbers. The site performance is slow, and security headers are absent, indicating a basic security posture. Overall, the business appears legitimate but is in an early stage with room for significant improvements in security and compliance.

RAG Austria AG is Austria's largest energy storage company and a leading technical storage operator in Europe, specializing in the storage, conversion, and conditioning of gaseous energy carriers with a strong focus on renewable gases such as hydrogen. The company has a well-established market position with a history spanning over 90 years and operates multiple subsidiaries and partnerships in the energy sector. Technically, the website is built on TYPO3 CMS and uses modern tools like Usercentrics for cookie consent and Matomo for analytics, reflecting a moderate digital maturity. However, a critical security weakness is the absence of a valid SSL certificate and HTTPS, which significantly impacts the security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the company presents a professional and trustworthy online presence but must urgently address its SSL/TLS configuration to improve security and trust.

S

SVCI

svci.net

37

SVCI is a specialized angel investor syndicate composed of leading Chief Information Security Officers (CISOs) focused on early-stage cybersecurity startups. The group leverages its deep industry expertise and network to identify promising companies and provide both capital and mentorship. Powered by Notable Capital, a significant early-to-growth VC firm, SVCI operates independently with a strong emphasis on ethics and transparency. The website presents a professional image with clear messaging about its mission and operations, targeting cybersecurity entrepreneurs and investors.

N

Nameshift.com

racon.co.uk

31

The website racon.co.uk is a domain sales landing page operated by Nameshift.com, a small technology business based in the Netherlands specializing in domain name transfers and escrow services. The business model focuses on providing a safe, fast, and fee-free domain transfer experience for buyers, with the seller paying commissions. The site content is minimal and primarily serves as a transactional interface for domain purchase via Nameshift.com. Technically, the site uses modern frameworks such as SvelteKit and is hosted by Hosting Concepts B.V., but suffers from poor performance and incomplete content presentation. Security posture is weak due to the absence of a valid SSL certificate and HTTPS support, alongside malformed DNS CAA records and lack of domain protection locks. Privacy compliance is minimal, with no visible privacy or cookie policies, and no contact emails or phone numbers provided. Overall, the site presents moderate trustworthiness but requires significant improvements in security and privacy to meet professional standards.

Aon plc operates a comprehensive global professional services website focused on risk and human capital advisory services. The site presents a strong market position with extensive content, clear navigation, and professional design targeting enterprise clients worldwide. The technical infrastructure leverages modern JavaScript frameworks, Cloudflare CDN, and advanced analytics tools such as New Relic and Eloqua, indicating a mature digital presence. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, significantly impacting the site's security posture. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanisms. Overall, the site reflects a reputable enterprise with strong business credibility but requires urgent remediation of its SSL/TLS configuration to ensure secure user interactions.

D

Deutsche Lufthansa AG

ltt.aero

40

Lufthansa Technical Training (LTT) is a well-established aviation technical training provider affiliated with Deutsche Lufthansa AG. The company offers a broad range of training services including vocational, basic, and type training for aviation professionals worldwide. Their business model targets both individual trainees and corporate clients, leveraging customized training solutions to meet specific needs. The website reflects a professional and consistent brand image with comprehensive content and strong trust indicators such as EASA certification and Lufthansa Group affiliation. Technically, the site is built on the Scrivito CMS platform and hosted on Amazon S3 with CloudFront CDN, but suffers from a critical lack of HTTPS due to an invalid or missing SSL certificate, which severely impacts security posture. Privacy and cookie policies are well implemented and GDPR compliant, with moderate user tracking via Google Analytics and marketing tools like Intercom and Usercentrics. Overall, the website provides a good user experience and clear navigation but requires urgent security improvements to enable HTTPS and strengthen SSL/TLS configurations.

A

ATP Koncernen

atp.dk

34

ATP Koncernen is a large Danish financial and governmental entity focused on securing economic welfare through pension management and welfare administration for Danish citizens. The website reflects a strong market position with comprehensive services including lifelong pension and welfare benefits administration. The digital infrastructure is built on Drupal CMS with integrations for cookie consent and analytics, demonstrating a mature technical setup. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the security posture, exposing the site to risks and reducing trust. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is professional and trustworthy but requires urgent security improvements to align with best practices.

S

SABIC

sabic.com

40

SABIC is a large multinational petrochemical company headquartered in Saudi Arabia, specializing in manufacturing and supplying polymers, chemicals, specialties, and agri-nutrients. The website reflects a mature enterprise with a comprehensive digital presence targeting industrial customers, investors, and job seekers. The content is professionally presented with clear navigation and consistent branding. Technically, the site uses ASP.NET technology with modern JavaScript libraries and Google Tag Manager for analytics and marketing. However, the SSL/TLS configuration is critically flawed with no valid certificate and no TLS protocols enabled, severely impacting security posture. Privacy compliance is strong with clear policies and cookie consent mechanisms. Overall, the site is trustworthy and professional but requires urgent remediation of HTTPS and SSL issues to ensure secure user interactions.

E

EOX IT Services GmbH

eox.at

27

EOX IT Services GmbH is a specialized technology company focused on Earth observation data services and software solutions. Their offerings include satellite data visualization, cloudless mapping, and data catalog services targeting researchers and professionals in geospatial and environmental fields. The company maintains a professional web presence with a clear focus on open data and cloud-native solutions. Technically, the website is built on VuePress and modern JavaScript frameworks, providing a good user experience and mobile optimization. However, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security gap. Security headers are partially implemented, but the absence of TLS protocols and cipher suites severely impacts the security posture. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Contact information is minimal, with no explicit emails or phone numbers on the site, though social media presence is strong. Overall, the website is functional and professional but requires urgent security improvements to protect user data and enhance trust.

L

Lovely Systems GmbH

lovelysystems.com

35

Lovely Systems GmbH is a small technology company specializing in building and operating digital platforms, focusing on multi-platform applications and large-scale web services. Their website presents a modern chat interface and highlights their expertise in scalable digital solutions. The company maintains a presence on GitHub and LinkedIn, supporting their credibility and outreach to developers and businesses seeking digital platform services. Technically, the website uses modern JavaScript and CSS features but suffers from slow load times and lacks a content management system. Security posture is weak due to the absence of a valid SSL certificate, no HTTPS support, and missing security headers, which exposes users to potential risks. Privacy compliance is minimal, with no visible privacy or cookie policies, and limited user tracking via GoatCounter analytics. Overall, the site is functional but requires significant improvements in security and privacy to meet industry standards.

H

Helvetia Versicherungen AG

helvetia.at

40

Helvetia Versicherungen AG is a well-established insurance provider in Austria with over 165 years of experience and a large customer base exceeding 650,000. The company offers a wide range of insurance and pension products tailored to private customers, including accident, vehicle, household, and life insurance. The website is professionally designed, content-rich, and provides comprehensive navigation and contact options, reflecting a mature digital presence. Technically, the site uses Adobe Experience Manager CMS and integrates Adobe DTM for analytics and marketing. However, a critical security gap exists as no valid SSL certificate is detected, resulting in no HTTPS support, which significantly impacts the security posture. Security headers are properly configured, but the lack of HTTPS is a major vulnerability. Privacy and cookie policies are present and comprehensive, indicating good compliance with GDPR. Overall, the website is trustworthy and credible but requires urgent security improvements to protect user data and maintain trust.

W

Wirtschaftsagentur Wien

wirtschaftsagentur.at

40

Wirtschaftsagentur Wien is a well-established government agency founded in 1982, dedicated to supporting economic development in Vienna. The agency offers a comprehensive range of services including free consulting, funding opportunities, event organization, and networking for startups, established businesses, and international companies. Their market position as the official economic development fund of the City of Vienna is strong, supported by consistent branding and a professional online presence. The website is content-rich, multilingual, and targets a broad audience of entrepreneurs and businesses in Vienna. Technically, the site is built on TYPO3 CMS with modern JavaScript frameworks and includes interactive features such as animated content and a service compass tool.

S IMMO AG is a prominent Austrian real estate investment company with a diversified portfolio across several European Union countries. The company focuses on office, retail, hotel, and residential properties, targeting investors and stakeholders interested in European real estate markets. The website provides comprehensive corporate and investor relations information, including news updates and portfolio insights. Technically, the website is built on TYPO3 CMS and hosted on an Apache server with nameservers indicating a German hosting provider. However, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security shortfall. The cookie consent mechanism and privacy policy are well implemented, indicating good privacy compliance. Security headers are minimal, and modern TLS protocols are not supported, which lowers the security posture significantly. Overall, the website is professional and content-rich but requires urgent improvements in security infrastructure to protect user data and enhance trust.

P

Party and Be Married

partyandbemarried.com

37

Party and Be Married is a small, specialized event planning and coordination company focused on weddings, lifestyle, and business events primarily serving California and beyond. The company emphasizes a personalized, artistic approach to creating unique client experiences. The website is hosted on Squarespace and uses standard web technologies including JavaScript, FontAwesome, and Google Fonts. While the site design is professional and content is relevant, the technical infrastructure shows weaknesses such as lack of a valid SSL certificate and disabled HTTPS, which severely impacts security posture. No privacy or cookie policies are present, indicating poor privacy compliance. Contact information is limited to an email and contact form, with no phone or physical address listed. Social media presence is active, supporting marketing efforts. Overall, the website is functional but requires significant improvements in security and compliance to meet modern standards.

O

Omya International AG

omya.com

38

Omya International AG is a leading global producer and distributor of industrial minerals and specialty materials, primarily focusing on calcium carbonate and dolomite-based products. With a strong presence in over 50 countries and 160 plants, Omya serves diverse industries including adhesives, agriculture, building and construction, polymers, and water treatment. The company emphasizes sustainability and innovation, operating 17 dedicated laboratories and holding over 325 patent families. The website is professionally designed, content-rich, and well-structured, targeting industrial customers and partners worldwide. Technically, the site is built on Adobe Experience Manager with modern web technologies and includes consent management for privacy compliance. However, a critical security issue is the absence of a valid SSL certificate and enabled TLS protocols, which significantly impacts the site's security posture. Privacy policies and terms of service are present and comprehensive, supporting GDPR compliance. Overall, Omya's digital presence reflects a mature, credible industrial business but requires urgent security improvements to protect user data and enhance trust.

Bahlsen GmbH & CO. KG is a well-established German company specializing in the production and sale of high-quality pastries, cookies, and wafers with a history spanning over 130 years. The website targets consumers interested in premium bakery products and maintains a strong brand presence with localized content for multiple countries. Technically, the site is built using modern frameworks such as Next.js and React, hosted on Vercel, and integrates a headless CMS (Storyblok) for content management. However, the website currently lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security vulnerability. While security headers like Content-Security-Policy and Strict-Transport-Security are present, the absence of HTTPS and modern TLS protocols significantly weakens the security posture. Privacy compliance is partially met with a comprehensive privacy policy and terms of use, but no cookie consent mechanism is detected. Overall, the site demonstrates good business credibility and professional content but requires urgent security improvements.

T

T-Mobile Austria GmbH

t-mobile.at

38

T-Mobile Austria GmbH operates the website t-mobile.at, branded as Magenta, providing telecommunications services including mobile telephony, internet, and TV packages primarily targeting Austrian consumers and businesses. The website is professionally designed, mobile-optimized, and rich in content, reflecting a mature digital presence. The technical infrastructure leverages Adobe Experience Manager CMS, modern JavaScript libraries, and integrates Google Tag Manager and Usercentrics for analytics and consent management. However, a critical security gap exists as the website lacks a valid SSL certificate and does not serve content over HTTPS, exposing users to potential risks. Security headers are partially implemented, but transport security is insufficient. Privacy and legal policies are comprehensive and GDPR compliant, with clear contact information and social media presence enhancing trust. Overall, the site is credible and well-positioned in the Austrian telecommunications market but urgently requires HTTPS implementation to improve security posture.

ATP architekten ingenieure is a well-established European architecture and engineering firm specializing in integrative planning and sustainable building solutions using Building Information Modeling (BIM). With over 1,500 employees and 14 locations across Europe, the company holds a strong market position as a BIM pioneer and leader in sustainable architecture. The website reflects a high level of professionalism, comprehensive project portfolios, and active engagement with clients through social media and contact forms. Technically, the site uses modern frameworks like Astro and is hosted on Netlify, but suffers from a critical security issue due to an invalid or missing SSL certificate, which undermines the security posture. Privacy and cookie policies are present and GDPR compliant, supporting good privacy practices. Overall, the site is content-rich and user-friendly but requires urgent security improvements to protect user data and enhance trust.

B

BWF Offermann, Waldenfels & Co. KG

bwf-group.com

33

BWF Offermann, Waldenfels & Co. KG operates the BWF Group, a mature and internationally recognized family-owned manufacturing business specializing in industrial filters, wool felts, technical needle felts, and plastic profiles. With 1,800 employees and 16 production sites worldwide, the company holds a strong market position as a technology leader in its sectors. The website reflects a professional and comprehensive presentation of their business, subsidiaries, and product offerings, targeting industrial clients globally. Technically, the site is built on TYPO3 CMS with modern JavaScript and PHP backend, but lacks critical HTTPS security, which significantly impacts its security posture. The presence of SPF and DMARC records indicates attention to email security, while social media and sustainability statements enhance trust and transparency. Overall, the site is content-rich and well-structured but requires urgent security improvements.

Analog Devices, Inc. is a global leader specializing in the design and manufacturing of analog, mixed signal, and digital signal processing integrated circuits. The company serves a broad range of industries including aerospace, automotive, communications, consumer electronics, energy, industrial automation, and healthcare. Their website reflects a mature enterprise with a comprehensive portfolio aimed at engineers and technical professionals. The site is well-structured, mobile-optimized, and rich in multimedia content, demonstrating a high level of digital maturity and professional branding consistency. Technically, the website leverages modern web technologies such as JavaScript frameworks, Adobe Dynamic Tag Manager, and is hosted on Akamai's CDN, ensuring good performance and scalability. The use of structured data (JSON-LD) enhances SEO and provides clear business information. However, the SSL/TLS configuration is critically flawed with an invalid or missing certificate and no support for modern TLS protocols, which significantly undermines the site's security posture. Security headers are properly implemented, including HSTS and Content Security Policy, but the lack of a valid SSL certificate and absence of OCSP stapling and session resumption mechanisms indicate areas needing urgent remediation. Privacy compliance is weak, with no visible privacy or cookie policies and no explicit GDPR compliance indicators. Contact information such as emails and phone numbers are not explicitly provided in the analyzed content, which may affect user trust and compliance. Overall, the website presents a professional and trustworthy business front but requires immediate attention to its SSL/TLS security configuration and privacy compliance to mitigate risks and enhance user trust. Strategic improvements in these areas will strengthen the company's digital security posture and regulatory adherence.

S

Semantic Web Company

semantic-web.at

39

Semantic Web Company is a technology provider specializing in semantic AI solutions, headquartered in Austria with subsidiaries in the US and UK. They offer the PoolParty Semantic Suite, a leading graph-based platform for text mining, recommender systems, and data fabric solutions, targeting enterprises seeking advanced AI-driven knowledge management. The website is professionally designed with comprehensive content and clear navigation, reflecting a mature digital presence. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security shortfall that undermines trust and data protection. The technical stack is modern, leveraging WordPress with Elementor and various JavaScript libraries, but performance data is lacking, indicating potential optimization opportunities. Privacy compliance is addressed with visible cookie consent and a detailed privacy policy, though analytics tracking is minimally configured. Overall, the business credibility is strong, supported by consistent branding and active social media engagement, but security posture requires urgent improvement to meet industry standards.

D

Dr. Isabella Eberl

notarin-eberl.at

35

The website represents a small professional notary office led by Dr. Isabella Eberl located in Taxenbach, Salzburg-Land, Austria. It offers a broad range of notarial services including testament and inheritance law, real estate transactions, family law, and corporate legal services. The site is well-structured with clear service descriptions and contact information, targeting private individuals and businesses in the local region. Technically, the site uses a Mono CMS platform with various external scripts for fonts, tracking, and consent management. However, the site lacks a valid SSL certificate and HTTPS support, which is a critical security deficiency. Privacy and cookie policies are present with a consent mechanism, but no terms of service or explicit security policies are found. The site uses Google Analytics and Herold Tracker for analytics and marketing purposes. Overall, the site is professional but requires urgent security improvements to protect user data and enhance trust.

E

Endress+Hauser AG

endress.com

40

Endress+Hauser AG is a global leader in industrial measurement instrumentation and automation solutions, serving diverse sectors including energy, chemical, life sciences, water treatment, and oil & gas. The company offers a comprehensive portfolio of products and services, including flow, level, liquid analysis, optical analysis, pressure, and temperature measurement devices, alongside software and system products. Their website reflects a mature digital presence with extensive product information, customer support, and training resources, targeting industrial process engineers and related professionals worldwide. Technically, the website employs modern web technologies such as JavaScript, CSS, JSON-LD structured data, and utilizes Tealium for analytics and tag management. The site is hosted on reliable infrastructure, likely Amazon AWS, and demonstrates good mobile optimization, accessibility, and SEO practices. However, performance metrics indicate slow loading times, which may impact user experience. From a security perspective, the site has critical deficiencies: it lacks a valid SSL certificate and does not enable HTTPS or modern TLS protocols, severely impacting its security posture. While some security headers are present, the absence of proper SSL/TLS configuration is a major risk. Privacy and cookie policies are well implemented with consent mechanisms, and contact information is clearly provided, enhancing trust. Overall, the site is professionally designed and content-rich but requires urgent security improvements to protect user data and maintain trust. Strategic recommendations include immediate SSL certificate installation, enabling HTTPS and modern TLS versions, and enhancing security headers and session management. These steps will significantly improve the site's security score and user confidence.

T

Tractive

tractive.com

40

Tractive is a leading global provider of GPS and health monitoring trackers for pets, specializing in real-time location tracking and wellness insights for dogs and cats. The company operates a robust e-commerce platform offering subscription-based services that enable worldwide cellular connectivity for their devices. Their market position is strong, supported by extensive customer testimonials, high Trustpilot ratings, and a broad international presence with multi-language support. Technically, the website leverages modern web technologies including nginx, Amazon AWS infrastructure, CloudFront CDN, and advanced JavaScript frameworks. They utilize performance monitoring and A/B testing tools such as New Relic and Visual Website Optimizer, indicating a mature digital infrastructure. The site is well-optimized for mobile devices and accessibility, with good SEO practices. From a security perspective, while the site implements several important security headers and policies, it suffers from a critical issue: the SSL certificate is invalid or missing, and no TLS protocols are enabled. This severely impacts the security posture and user trust. Other security best practices like HSTS and CSP are in place, but the lack of proper HTTPS is a major vulnerability. Overall, the risk assessment highlights the need for immediate remediation of SSL/TLS issues to protect user data and maintain trust. Strategic recommendations include fixing the SSL certificate, enabling modern TLS versions, and improving session security. The business credibility is high, but security gaps could undermine customer confidence if not addressed promptly.

D

Deutsche Telekom AG

deutsche-telekom.com

62

Deutsche Telekom AG operates a comprehensive corporate website providing detailed information about its integrated telecommunications services, corporate responsibility, investor relations, and innovation initiatives. The company is positioned as a leading global telecommunications provider with a strong focus on transparency and stakeholder engagement. The website infrastructure is built on modern web technologies with a custom CMS, leveraging nginx and Varnish caching, and hosted on AWS. While the site is well-structured, mobile-optimized, and rich in content, the current SSL certificate is invalid or missing, which significantly impacts the security posture. Security headers are properly configured, but the lack of valid HTTPS and modern TLS protocols is a critical vulnerability. Privacy and cookie policies are comprehensive and GDPR compliant, reflecting a mature privacy stance. Overall, the site demonstrates high professionalism and trustworthiness but requires urgent remediation of SSL issues to ensure secure user interactions.

V

VARIOTHERM HEIZSYSTEME GMBH

variotherm.com

21

Variotherm Heizsysteme GmbH is an established Austrian company specializing in surface heating and cooling systems for floors, walls, and ceilings, leveraging over 30 years of expertise. Their product portfolio targets contractors, installers, architects, and end customers seeking efficient heating and cooling solutions. The company maintains a professional online presence with multilingual support and a comprehensive product and service offering. Technically, the website is built on TYPO3 CMS served by Apache, with integrated analytics via Matomo and Google Tag Manager. However, the absence of HTTPS and a valid SSL certificate significantly undermines the security posture. While cookie consent mechanisms and privacy policies are in place, the lack of advanced security headers and incident response information indicates room for improvement. Overall, the website is functional and professional but requires urgent security enhancements to protect user data and improve trust.

The website arionsolutions.com.br is currently inactive and displays an error page indicating that the site does not exist or the content has been removed. The page promotes Locaweb's site creation service as an alternative. There is no substantive business information, contact details, or privacy and security policies available on the site. Technically, the site is served via HTTP without SSL/TLS encryption, which is a critical security deficiency. Basic security headers are present but insufficient to ensure a strong security posture. DNS and mail records indicate hosting and mail services are provided by Locaweb, a known Brazilian hosting provider. Overall, the site lacks content, security, and compliance features, resulting in a low trust and credibility score.

N

nora systems GmbH

nora.com

36

nora systems GmbH is a globally recognized manufacturer specializing in high-quality rubber floor coverings, headquartered in Germany with a history dating back to 1950. The company holds a strong market position as a leader in resilient flooring solutions across multiple sectors including healthcare, education, industry, and public buildings. Their business model focuses on manufacturing and direct sales, supported by innovative installation and cleaning systems. The website reflects a professional and comprehensive digital presence with rich content tailored to architects, builders, and facility managers. Technically, the site is built on Sitecore CMS and served via Microsoft IIS, with integrations for marketing and analytics through Google Tag Manager and Usercentrics consent management. However, the absence of a valid SSL certificate and HTTPS implementation represents a critical security gap, exposing the site to potential risks. Privacy and cookie policies are well implemented, indicating good compliance with GDPR standards. Overall, the site demonstrates strong business credibility but requires urgent security improvements to protect user data and enhance trust.

The website sensix.net is currently inaccessible due to a Cloudflare Turnstile human verification challenge, which blocks access to the actual site content. The domain is mature, registered since 2016 with GoDaddy, and uses Cloudflare for DNS and security services. However, no valid SSL certificate is configured, and the site does not support HTTPS, which is a critical security deficiency. The landing page contains minimal content, primarily a security challenge message, with no visible business information, contact details, or privacy policies. Performance is poor with a high load time, and there are no indications of SEO or accessibility optimizations. Overall, the technical infrastructure relies on Cloudflare but lacks essential security configurations and content accessibility, limiting the ability to assess the business or security posture fully.

I

impact_

thinkimpact.com

37

ThinkImpact.com is a small, niche content website focused on providing research, trends, and statistical data in the education and business sectors for the United States market in 2025. The site offers free access to well-researched papers and reviews, targeting researchers, educators, and business professionals. The business model appears to be content publishing monetized primarily through advertising networks such as Mediavine and Google Ad Manager. Technically, the website is built on WordPress and uses common web technologies and marketing tools, but suffers from slow performance and lacks a valid SSL certificate, which is a critical security flaw. The security posture is weak with no HTTPS, no security headers, and no advanced protections, exposing users to potential risks. Privacy compliance is basic but present, with cookie consent and a privacy policy aligned with GDPR requirements. Overall, the site is legitimate and mature based on WHOIS data but requires urgent security improvements to protect users and enhance trust.

T

Triumph Intertrade AG

triumph.com

38

Triumph Intertrade AG operates a mature and well-established e-commerce platform specializing in lingerie and related apparel, primarily targeting the German market. The website demonstrates a high level of professionalism, rich content, and strong brand consistency, supported by a comprehensive customer loyalty program and active social media presence. The technical infrastructure leverages modern e-commerce technologies including Salesforce Commerce Cloud and Cloudflare for hosting and delivery, with integrated marketing and analytics tools such as Google Tag Manager and CQuotient. However, the absence of a valid SSL/TLS certificate on the main domain significantly undermines the site's security posture, exposing users to potential risks. Additionally, a subdomain takeover vulnerability on blog.triumph.com presents a notable security concern. Privacy and cookie policies are present and indicate GDPR compliance, with clear contact information and incident response channels available. Overall, the site is functional and credible but requires urgent security improvements to protect user data and maintain trust.