Security Directory

GMS GOURMET GmbH is a leading Austrian company specializing in community catering, private label food production, and gastronomy services with over 45 years of experience. The company serves a broad audience including kindergartens, schools, workplaces, senior homes, and event catering, positioning itself as the market leader in Austria's community gastronomy sector. Their business model focuses on delivering high-quality, healthy, and sustainable food solutions tailored to diverse customer needs. The website reflects a mature digital presence built on TYPO3 CMS, integrating modern marketing and consent management tools such as Google Tag Manager and Cookiebot. However, a critical security gap exists due to the absence of HTTPS, exposing users to potential risks. Privacy compliance is well addressed with clear policies and consent mechanisms. The company demonstrates strong trust signals through multiple certifications, sustainability initiatives, and family-friendly employer awards.

A

AMETEK Grabner Instruments

grabner-instruments.com

40

AMETEK Grabner Instruments is a medium-sized business specializing in the development and manufacturing of automatic petroleum testing equipment, including vapor pressure testers, flashpoint testers, and fuel analyzers. The company operates globally with a strong market position as an innovator and thought leader in fuel analysis technology. Their website reflects a professional business model focused on manufacturing, sales, training, and technical support services for the petroleum and energy sectors. Technically, the website uses ASP.NET technology with JavaScript libraries and is hosted on AWS infrastructure. While the site is mobile optimized and has good content quality, it suffers from slow load times and lacks a valid SSL certificate, which impacts security posture significantly. Privacy compliance is well addressed with comprehensive cookie and privacy policies and a consent mechanism. Security best practices are partially implemented but require urgent improvements, especially regarding HTTPS and security headers. Overall, the domain registration data aligns well with the business claims, indicating a trustworthy and legitimate entity.

G

GDV Group

gdv.com.mx

40

GDV Group is a well-established market and consumer intelligence consultancy based in Mexico with over 50 years of experience. The company offers research and consulting services aimed at helping clients make informed business decisions. Their digital presence is built on WordPress with the Divi theme, leveraging common plugins and tracking tools such as Google Tag Manager and Facebook Pixel. While the website content is professionally presented and navigation is clear, the absence of a valid SSL certificate is a critical security vulnerability that undermines user trust and data protection. Privacy and cookie policies are present but basic, with no visible terms of service or incident response policies. Overall, the business appears credible and consistent with its domain registration data, but security improvements are urgently needed.

L

Leviton Manufacturing Co., Inc.

brand-rex.com

40

Leviton Manufacturing Co., Inc. operates a comprehensive and professionally designed website offering a wide range of electrical and lighting control products targeting residential, commercial, and industrial markets. The company positions itself as a leader in home electrical safety with over 115 years of history, providing products such as lighting controls, wiring devices, networking solutions, electric vehicle charging, and submetering. The website demonstrates a mature digital presence with extensive product catalogs, market segmentation, and partner integrations. Technically, the site is built on Adobe Experience Manager with modern marketing and analytics tools integrated, ensuring good user experience and SEO. However, a critical security gap exists due to the absence of a valid SSL certificate and disabled TLS protocols, significantly impacting the security posture. Privacy and cookie policies are well implemented with consent mechanisms, reflecting good compliance practices. Overall, the site is trustworthy and professional but requires urgent security improvements to protect user data and maintain credibility.

T

T-Mobile Austria GmbH

upc.at

39

The website for upc.at, branded as Magenta Austria, represents a major telecommunications provider offering a wide range of services including mobile tariffs, internet packages, TV offerings, and bundled solutions for both consumers and business customers. The site is professionally designed with rich content, clear navigation, and consistent branding that aligns with the corporate identity of T-Mobile Austria GmbH. Structured data and social media presence further reinforce the company's legitimacy and market position in Austria. Technically, the site is built on Adobe Experience Manager CMS and utilizes modern marketing and analytics tools such as Google Tag Manager and Usercentrics for consent management. However, the website currently suffers from a critical security issue: the SSL/TLS certificate is invalid or missing, and no secure HTTPS protocols are enabled. This significantly impacts the security posture and user trust, despite the presence of security headers and content security policies. Privacy compliance is well addressed with clear privacy and cookie policies and an active consent mechanism. Contact information is available primarily via phone numbers and contact forms, though no direct company email addresses are exposed. The WHOIS data confirms the domain's legitimacy and consistency with the business identity. Overall, while the website excels in content quality, user experience, and privacy compliance, the lack of valid HTTPS and proper SSL configuration is a critical vulnerability that must be addressed immediately to ensure secure communications and maintain customer trust.

D

Daikin

daikin-ce.com

38

Daikin Central Europe operates as a regional branch of Daikin Industries, Ltd., specializing in air conditioning, heating, ventilation, heat pump, and refrigeration solutions. The website targets businesses and consumers in Central Europe, offering a broad portfolio of HVAC products and services. The company maintains a strong market position with multiple country-specific domains, reflecting a well-established regional presence. Technically, the website is built on Adobe Experience Manager CMS and leverages modern frontend technologies including Adobe Helix RUM for performance monitoring and Google Tag Manager for analytics. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap. Security headers are partially implemented but insufficient without proper encryption. Privacy compliance is weak, with no visible privacy or cookie policies, and no contact information is provided on the landing page, limiting user trust and regulatory compliance. Overall, the site is professional and well-branded but requires urgent security and privacy improvements.

C

CardivAI GmbH

cydeckt.com

37

CardivAI GmbH operates in the healthcare technology sector, specializing in generative AI-driven diagnostics for cardiovascular diseases. Their offerings include AI integrations, AWS cloud-based solutions architecture, and DevOps services tailored for mobile-first healthcare applications. The company positions itself as a niche provider leveraging advanced AI models such as Anthropic's Claude 4 and AWS infrastructure to deliver innovative healthcare diagnostics solutions. The website content and branding reflect a professional and consistent image targeting healthcare professionals and technology adopters in the medical diagnostics field. Technically, the website is hosted on AWS infrastructure using Amazon S3 and CloudFront, with modern frontend technologies including Bootstrap, Swiper, and JavaScript libraries for UI enhancements. Google Tag Manager and CookieYes scripts indicate moderate analytics and cookie consent management. However, the site lacks HTTPS support, which is a significant technical and security shortfall. Mobile optimization and SEO appear adequate, but performance metrics are unavailable. From a security perspective, the absence of a valid SSL/TLS certificate and HTTPS severely impacts the security posture, exposing users to potential data interception risks. No advanced security headers or protocols are implemented, and no incident response or vulnerability disclosure policies are evident. The use of AWS server-side encryption for content storage is a positive aspect, but overall security maturity is low. Privacy compliance is basic with cookie consent but lacks explicit GDPR compliance indicators. Overall, the website presents a credible business with professional content and clear contact information but requires urgent improvements in security, particularly enabling HTTPS and enhancing security headers. Strategic recommendations include implementing SSL/TLS, adopting security best practices, and formalizing privacy and incident response policies to improve trust and compliance.

W

Welser Profile GmbH

welser.com

32

Welser Profile GmbH is a well-established family-owned manufacturing company specializing in steel and stainless steel profiles, serving various industrial sectors including mobility, energy, and construction. The website presents a professional and content-rich platform with multilingual support and detailed service offerings. Technically, the site uses Apache server technology, HubSpot CMS, and integrates Google Maps and various marketing and analytics tools. However, the absence of a valid SSL certificate and HTTPS support is a critical security weakness, exposing users to potential risks. Security headers are partially implemented but need enhancement. Privacy compliance is well addressed with cookie consent mechanisms and a comprehensive privacy policy. Overall, the site demonstrates good business credibility but requires urgent security improvements.

Wieland Austria Ges.m.b.H. is a well-established manufacturing company specializing in copper tubes and semi-finished and finished copper alloy products. Founded in 1904 and part of the global Wieland Group since 1999, it holds a strong market position in Europe with modern production sites in Amstetten and Enzesfeld, Austria. The company targets industrial and energy sectors, providing engineered products and services with a focus on quality and sustainability. The website reflects a professional digital presence with comprehensive content, certifications, and contact options. Technically, the site uses modern CMS and caching technologies but lacks a valid SSL certificate, which is a critical security concern. Privacy compliance is well addressed with a consent management platform and clear policies. However, the absence of incident response and vulnerability disclosure information indicates room for improvement in security transparency. Overall, the website is credible and professional but requires urgent SSL/TLS remediation to ensure secure communications and trust.

A

abss interactive GmbH

abss.at

40

abss interactive GmbH is a well-established Austrian digital agency specializing in custom web development, digital transformation consulting, and tailored software solutions. With nearly 25 years of experience, the company serves a diverse client base ranging from small businesses to large international corporations. Their key services include digitalization, website and e-commerce development, search portals, custom tools, and consulting expertise, with a strong emphasis on accessibility and blockchain technology integration. Technically, the website employs a modern technology stack including Apache server, jQuery, Bootstrap grid, and various JavaScript libraries for enhanced user experience. However, the hosting environment lacks a valid SSL/TLS certificate and does not support modern TLS protocols, which is a significant security concern. The site is mobile-optimized and demonstrates good SEO and accessibility practices, but performance metrics are unavailable. From a security perspective, while several security headers are implemented, the absence of HTTPS and proper SSL configuration severely undermines the site's security posture. No incident response or vulnerability disclosure policies are evident. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Business credibility is strong, supported by certifications, client references, and transparent contact information. Overall, the site is professionally designed and content-rich, but critical security improvements are necessary to protect user data and enhance trust. Strategic recommendations include obtaining a valid SSL certificate, enabling HTTPS, implementing cookie consent, and establishing formal security policies.

I

International Society of Automation

isa.org

40

The International Society of Automation (ISA) is a well-established non-profit professional association focused on industrial automation. It serves a global audience of engineers, technicians, and management professionals by providing standards, certifications, training, and events. The organization holds a strong market position as a trusted source for automation standards and technical resources. The website reflects a mature digital presence with comprehensive content, clear navigation, and consistent branding. Technically, the site uses Microsoft IIS with ASP.NET MVC and Kentico CMS, integrating modern JavaScript libraries and Google Tag Manager for analytics. However, the security posture is weakened by the absence of a valid SSL certificate and disabled TLS protocols, which are critical for secure communications. Privacy policies and terms of service are well documented, though cookie consent mechanisms appear lacking. Overall, the site is professional and trustworthy but requires urgent improvements in SSL/TLS configuration to enhance security and user trust.

J

Jungbunzlauer Suisse AG

jungbunzlauer.com

33

Jungbunzlauer Suisse AG is a leading manufacturer of biodegradable ingredients of natural origin, serving diverse industries including food, beverage, pharmaceutical, cosmetics, and cleaners. The company emphasizes sustainability and quality, positioning itself as a global leader in its sector. Their website reflects a professional and content-rich digital presence, targeting businesses seeking natural and sustainable ingredient solutions. Technically, the site is built on TYPO3 CMS and hosted on infrastructure likely provided by AWS, with integrations such as Google Tag Manager for analytics. However, the security posture is notably weak due to the absence of a valid SSL certificate and lack of HTTPS support, which poses risks to data confidentiality and user trust. Privacy and cookie policies are well implemented, showing GDPR compliance and user consent mechanisms. Overall, the site is trustworthy and professional but requires urgent security improvements to protect visitors and maintain credibility.

P

Porsche Inter Auto

porschewiennord.at

38

Porsche Inter Auto is a prominent automotive dealership network in Austria, representing multiple Volkswagen Group brands including VW, Audi, Porsche, ŠKODA, SEAT, and CUPRA. The company offers a comprehensive range of services including new and used car sales, vehicle servicing, financing, and accessories. Their market position is strong within the Austrian automotive retail sector, supported by a large network of dealer locations and a high volume of customer reviews indicating strong customer satisfaction. Technically, the website is built on the Plone CMS platform using Python and Zope, with Cloudflare providing hosting and CDN services. The site integrates modern web technologies such as Google Tag Manager, OneTrust for cookie consent, Leaflet and Google Maps for location services, and Swiper for interactive content. The site is well-structured, mobile-optimized, and includes rich content and structured data for SEO. From a security perspective, the site currently lacks a valid SSL certificate and does not support HTTPS, which is a critical vulnerability. Other security headers like HSTS are missing, and no advanced SSL/TLS features are enabled. However, the site does implement some security headers such as X-Frame-Options and uses Cloudflare for some level of protection. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place. Overall, the site is professionally designed and content-rich but requires urgent security improvements to enable HTTPS and strengthen SSL/TLS configurations. Addressing these issues will significantly enhance user trust and compliance with modern security standards.

A

ACP-Gruppe

acp.de

38

ACP-Gruppe is a well-established IT solutions provider operating primarily in Germany and Austria, specializing in hybrid cloud, modern workplace, network security, and digital solutions. The company positions itself as a market leader with a strong partner ecosystem including major technology vendors. The website is professionally designed, content-rich, and targets business customers seeking digital transformation services. Technically, the site is built on HubSpot CMS with modern JavaScript libraries and integrates marketing and analytics tools such as Google Tag Manager and HubSpot Analytics. However, the security posture is weak due to the absence of a valid SSL certificate and disabled TLS protocols, which poses significant risks for secure communications. Privacy and cookie policies are present and appear GDPR compliant, but no explicit security or incident response policies are found. WHOIS data aligns with the business claims, showing consistent registration without privacy protection but lacking domain locks. Overall, the website is credible and professional but requires urgent improvements in SSL/TLS security to protect user data and enhance trust.

S

SIGNA

signa.at

26

SIGNA is a well-established international holding company founded in 2000, operating primarily in the real estate and retail sectors. The website presents a bilingual (German and English) overview of the business, highlighting its core subsidiaries and business areas. The company targets investors and industry stakeholders with a professional and consistent brand presence. Technically, the website is built on WordPress with modern plugins and tools such as Google Analytics and Complianz for GDPR compliance. However, a critical security weakness is the absence of a valid SSL certificate, resulting in no HTTPS protection, which significantly impacts the site's security posture. Privacy compliance is well addressed with clear cookie consent mechanisms and a privacy policy. No direct contact information or security policies are publicly available, which could limit user trust and incident response readiness. Overall, the site is functional and professional but requires urgent security improvements.

Vebego Deutschland is a well-established facility services provider in Germany, offering a broad range of services including building cleaning, industrial cleaning, green care, facility management, and security services. The company positions itself as a reliable and innovative partner focused on enhancing client environments for better performance and quality of life. The website content is professional and well-structured, targeting business clients in need of comprehensive facility services. Technically, the website uses modern marketing and optimization tools such as Google Tag Manager and Visual Website Optimizer, but lacks a valid SSL certificate, which is a critical security shortfall. Security headers are partially implemented, but the absence of HTTPS and modern TLS protocols significantly weakens the security posture. Privacy compliance is partially addressed with a privacy policy present, but no cookie consent mechanism is detected, which may pose GDPR compliance risks. Business credibility is supported by multiple certifications and industry memberships, enhancing trust. Overall, the site is functional and professional but requires urgent security improvements to protect user data and comply with best practices.

B

Bullhorn

invenias.com

40

Bullhorn is a well-established enterprise SaaS provider specializing in cloud-based staffing and recruitment software solutions, including the Invenias executive search platform. The company serves a global customer base with a comprehensive suite of products designed to streamline recruitment processes, enhance compliance, and improve business development efforts. The website reflects a mature digital presence with strong branding, professional content, and targeted messaging for staffing firms and executive search professionals. Technically, the site leverages WordPress CMS, integrates marketing automation tools like Marketo, and employs standard web technologies such as jQuery and Slick Carousel. However, the security posture is weakened by an invalid SSL certificate and lack of TLS protocol support, which is a critical vulnerability that undermines user trust and data protection. Privacy compliance is well addressed with a comprehensive privacy policy, cookie consent via OneTrust, and GDPR adherence. Overall, the site is professional and credible but requires urgent remediation of SSL issues to ensure secure user interactions.

R

ratiopharm GmbH

ratiopharm.com

40

ratiopharm GmbH operates a comprehensive German pharmaceutical website focused on generics and health solutions. The company is a well-established player in the healthcare sector, supported by its parent company Teva Pharmaceutical Industries. The website provides extensive product information, health advice, and services targeted at consumers and healthcare professionals. Technically, the site uses TYPO3 CMS with modern JavaScript frameworks and integrates Google Analytics and Usercentrics for analytics and cookie consent. However, the SSL certificate is invalid or missing, which is a critical security concern. Security headers are mostly implemented, but TLS protocols are disabled, significantly impacting the security posture. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanism. Contact information is clearly presented, enhancing business credibility.

Edgewell Personal Care operates a global corporate website showcasing its portfolio of personal care brands. The site targets consumers and stakeholders interested in the company's products, culture, and sustainability efforts. Technically, the site is built on Shopify with Cloudflare CDN and security services, leveraging modern web technologies and cookie consent mechanisms. However, a critical security weakness is the absence of a valid SSL certificate and disabled TLS protocols, which undermines secure communications. Privacy compliance is well addressed with OneTrust cookie consent and GDPR indicators. Overall, the site presents a professional and trustworthy business image but requires urgent remediation of SSL and TLS issues to ensure secure user interactions.

P

Palfinger AG

palfinger.ag

37

Palfinger AG is a well-established international manufacturer specializing in innovative hydraulic lifting solutions, including cranes, access platforms, and marine equipment. The company holds a strong market position with a large workforce and extensive global manufacturing and sales presence. The website reflects a mature digital infrastructure using Pimcore CMS and Bootstrap framework, with good mobile optimization and accessibility. However, the absence of a valid SSL/TLS certificate and HTTPS implementation represents a critical security vulnerability that undermines user trust and data protection. Privacy and cookie policies are comprehensive and GDPR compliant, supported by OneTrust consent management. The company demonstrates transparency through investor relations, social media engagement, and a vulnerability disclosure policy. Overall, Palfinger AG's website is professional and content-rich but requires urgent security improvements to align with best practices.

B

Bloomerang

initlive.com

63

Bloomerang operates as a leading provider of cloud-based donor management and fundraising software tailored for nonprofit organizations. The company offers a comprehensive suite of tools including donor CRM, fundraising, and volunteer management solutions, positioning itself as a trusted partner to over 26,000 nonprofits. Their market presence is reinforced by multiple industry awards and strong customer testimonials, reflecting a mature and well-established business model focused on SaaS delivery. Technically, the website is built on WordPress and leverages a modern technology stack including Yoast SEO, Google Tag Manager, and various marketing and analytics integrations such as Marketo and Microsoft Clarity. Hosting is provided via WP Engine with Cloudflare CDN, ensuring good infrastructure support. The site demonstrates excellent design quality, mobile optimization, and SEO practices, contributing to a positive user experience and strong digital maturity. From a security perspective, the site currently lacks a valid SSL certificate and does not support modern TLS protocols, which significantly undermines its security posture. While some security headers are present, critical improvements are needed to secure data transmission and protect user privacy. Privacy and cookie policies are comprehensive and GDPR compliant, indicating attention to regulatory requirements. Contact information is clearly provided, enhancing business credibility. Overall, Bloomerang's website reflects a professional and trustworthy nonprofit software provider with strong business credibility and digital presence. However, the absence of HTTPS and modern encryption protocols presents a critical security risk that should be addressed promptly to protect users and maintain trust.

plenum AG Management Consulting is a well-established German management consulting firm specializing in transformation advisory services primarily for the finance, insurance, and energy sectors. With over 35 years of experience, the company holds a strong market position supported by industry awards and a professional digital presence. The website reflects a mature digital infrastructure built on TYPO3 CMS, featuring comprehensive content, clear navigation, and multi-channel engagement including social media and newsletters. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, exposing the site to risks and undermining user trust. Privacy policies and cookie consent mechanisms are well implemented, aligning with GDPR requirements. Overall, the business demonstrates high credibility and professionalism but must urgently address its HTTPS deficiency to improve security posture and user confidence.

H

HESS Cash Systems GmbH & Co. KG

hess.de

21

HESS Cash Systems GmbH & Co. KG is a medium-sized German company specializing in cash processing system solutions, serving banks, public institutions, energy providers, libraries, and retail businesses. The company positions itself as a market leader with over 135 years of tradition, offering consulting, development, production, and service. The website reflects a professional B2B business model with clear branding and consistent messaging. Technically, the site uses a TYPO3 CMS platform with modern frontend frameworks like Bootstrap and jQuery, and integrates Google Tag Manager and Cookiebot for analytics and cookie consent. However, the site lacks HTTPS encryption, which is a critical security deficiency. Security headers are minimal, and no explicit security or incident response policies are published. The domain registration and DNS records align well with the parent company Gauselmann Group, supporting legitimacy. Overall, the website is functional and informative but requires urgent security improvements to protect user data and enhance trust.

E

eRecruiter GmbH

erecruiter.net

24

eRecruiter GmbH is an established Austrian technology company specializing in recruiting software solutions. With over 20 years of experience and a client base of more than 350 companies, eRecruiter offers a comprehensive suite of services including applicant tracking, talent sourcing, AI-assisted recruiting, and detailed reporting. The company positions itself as a user-friendly, efficient, and GDPR-compliant solution provider targeting SMEs and enterprise clients. Technically, the website is built on WordPress using modern frameworks and libraries, with integrations for Google Analytics and Tag Manager for marketing and analytics purposes. However, a critical security gap exists due to the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the security posture. Privacy compliance is well addressed with clear cookie consent mechanisms and comprehensive privacy policies. Overall, the business demonstrates strong credibility and professionalism but must urgently address its SSL/TLS configuration to improve security and trust.

K

KIWI Norge AS

kiwi.no

36

KIWI Norge AS operates a large grocery retail chain in Norway with nearly 700 stores, targeting Norwegian consumers seeking affordable and convenient grocery shopping. The website provides rich content including store locators, customer magazines, and loyalty program information (KIWI PLUSS). Technically, the site is built on ASP.NET MVC with AngularJS and integrates multiple third-party services such as Google Analytics and Piwik Pro for analytics and marketing. The site is hosted on Microsoft Azure and uses modern web technologies but lacks a valid SSL certificate, resulting in insecure HTTP connections. Security headers like Content-Security-Policy are present but could be hardened further. Privacy and cookie policies are comprehensive and GDPR compliant, linked to the trusted trumf.no domain. Contact information is clearly provided with phone numbers and physical address, and social media presence is active. Overall, the site is professional and trustworthy but has a critical security gap due to missing HTTPS.

H

Hoval Aktiengesellschaft

hoval.com

40

Hoval Aktiengesellschaft operates as a leading provider of advanced indoor climate control solutions, specializing in heating, ventilation, and energy-efficient systems for a broad range of building types including residential, commercial, and industrial sectors. The company maintains a strong international presence with a well-structured website that clearly communicates its product offerings and corporate philosophy focused on sustainability and energy responsibility. Technically, the website leverages modern web technologies and SAP Commerce platform, supported by Google Tag Manager and OneTrust for privacy compliance. However, the security posture is weakened by an invalid SSL certificate and lack of modern TLS protocol support, which poses risks to user trust and data security. Privacy compliance is robust with clear policies and consent mechanisms in place. Overall, the website reflects a mature digital presence but requires urgent remediation of SSL and TLS issues to enhance security and trust.

H

HYPO NOE Landesbank für Niederösterreich und Wien AG

hyponoe.at

38

HYPO NOE Landesbank für Niederösterreich und Wien AG is a well-established regional financial institution in Austria, offering a broad range of banking services including retail accounts, savings, investments, financing, and green banking products. The website targets private customers, young adults, companies, and public sector entities, emphasizing sustainability and digital banking solutions. Technically, the site is built on TYPO3 CMS with modern frontend technologies and includes cookie consent management and analytics integration. However, the security posture is weakened by the absence of a valid SSL certificate and lack of TLS support, which is critical for a banking website. Despite this, the site maintains good privacy compliance and business credibility with clear contact information and certifications. Strategic improvements in SSL/TLS configuration and security headers are recommended to enhance trust and security.

ready2order GmbH is a medium-sized Austrian company providing cloud-based, finance-compliant cash register and POS systems tailored for small businesses in retail, gastronomy, and service sectors. Their offerings include software subscriptions and proprietary hardware, with a strong emphasis on compliance with Austrian RKSV regulations and ease of use. The website is professionally designed, content-rich, and targets small business owners seeking modern, flexible POS solutions. Technically, the site uses modern frameworks like Gatsby and React and is hosted behind Cloudflare DNS, but suffers from slow load times and lacks a valid SSL certificate, which is a critical security concern. Security posture is weak due to missing HTTPS and security headers, exposing users to potential risks. Privacy compliance is adequate with visible privacy and cookie policies, but no explicit security or incident response policies are found. Overall, the business appears legitimate and well-positioned in its market, but urgent improvements in SSL/TLS configuration and security practices are recommended to enhance trust and protect users.

D

Dataphone GmbH

dataphone.at

25

Dataphone GmbH is an Austrian company specializing in digitalizing supply chain processes, offering innovative software and hardware solutions primarily for warehouse logistics, transport, and retail sectors. Their market position is strong within Austria, providing comprehensive services including warehouse management systems (LOGIS 4 and LOGIS Light), hardware products like barcode scanners and label printers, and professional maintenance and support services. The company targets businesses seeking to modernize and optimize their logistics and supply chain operations through digital transformation. Technically, the website is built on WordPress with a modern theme and uses a variety of plugins for SEO, performance optimization, cookie consent, and analytics. However, a critical security shortfall is the absence of a valid SSL certificate and HTTPS support, which significantly impacts the security posture. The site employs Google Analytics, Google Tag Manager, and other marketing tools with proper consent mechanisms, indicating good privacy compliance. Contact information and business details are clearly presented, enhancing business credibility. Overall, while the business and technical maturity are good, urgent improvements in security infrastructure are necessary to protect user data and build trust.

T

Triple A Aqua Service GmbH

watercooler.at

23

Triple A Aqua Service GmbH operates the website watercooler.at, offering water dispensers and related services primarily in Austria. The company positions itself as a market leader with over 25 years of experience, providing both leased water dispensers and Alpenwasser bottled water delivery. The website is professionally designed using WordPress with the Divi theme and includes comprehensive content, customer testimonials, and social media integration. However, the technical infrastructure shows weaknesses in SSL/TLS configuration, lacking a valid certificate and modern protocols, which poses security risks. Privacy and cookie policies are present and GDPR compliant, with active consent mechanisms. Contact information is clearly provided, enhancing business credibility.

Trinergy International, led by Dr. Roman Braun, is a prominent European educational institution specializing in NLP and coaching training. The website presents a comprehensive portfolio of NLP seminars, coaching certifications, and diploma programs, targeting individuals and professionals seeking personal and career development. The company holds recognized certifications from international and Austrian bodies, reinforcing its market leadership. Technically, the site is built on WordPress with modern plugins and frameworks, offering good SEO and mobile optimization. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS, exposing users to potential risks. Privacy compliance is well addressed with clear policies and cookie consent mechanisms. Overall, the site is professional and trustworthy but requires urgent security improvements to protect user data and enhance trust.

C

CREATE

create.at

25

CREATE is a medium-sized Austrian eLearning company specializing in interactive and immersive digital learning solutions for businesses, academies, and trainers. The company offers a comprehensive range of services including consulting, content creation, learning management systems, and XR learning experiences. Positioned as a multiple award-winning full-service eLearning agency, CREATE targets organizations seeking innovative and tailored digital education solutions. The website reflects a professional and consistent brand image with excellent content quality and user experience.

S&P Global Ratings operates as a leading global credit rating agency providing essential financial intelligence embedded into the workflows of customers worldwide. The website reflects a mature enterprise with a comprehensive offering of credit ratings, research, and analytics services targeted at investors, issuers, and intermediaries. The digital infrastructure leverages modern JavaScript libraries, marketing tools, and analytics platforms, hosted primarily on Amazon AWS with content delivery via Akamai. While the site is professionally designed with excellent content quality and user experience, it lacks a valid SSL certificate and proper HTTPS configuration, which significantly impacts its security posture. Security headers are present, but the absence of TLS protocols and certificate transparency compliance are critical gaps. Privacy policies and cookie notices are well implemented, indicating good privacy compliance. Overall, the website demonstrates high business credibility but requires urgent security improvements to align with best practices and protect user data.

V

Vela Labs

vela-labs.at

28

Vela Labs GmbH is a GLP and GMP certified contract laboratory specializing in analytical services for pharmaceutical and biotechnology companies. The company supports all phases of drug development with services including physico-chemical analysis, ligand binding assays, cell based assays, microbiological analysis, clinical sample analytics, and GMP storage. As part of the Tentamus Group, Vela Labs positions itself as a trusted partner with strong compliance credentials and a focus on quality and regulatory adherence. The website demonstrates a professional digital presence built on WordPress with SEO and analytics integrations, targeting pharma and biotech professionals. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap that undermines user trust and data protection. Privacy policies and cookie consent mechanisms are well implemented, reflecting GDPR compliance. Overall, the company shows a solid market position but should urgently address its SSL/TLS configuration to improve security posture and user confidence.

E

Eurofins Scientific

eurofins.com

40

Eurofins Scientific operates a comprehensive global network of laboratory testing services specializing in food, environment, pharmaceutical product testing, and agroscience CRO services. With approximately 63,000 employees and over 950 laboratories across 60 countries, Eurofins is a world leader in its sector, offering more than 200,000 analytical methods. The website reflects this extensive business scope with detailed service offerings and a strong global presence. Technically, the site uses modern JavaScript libraries and analytics tools, but suffers from critical SSL/TLS configuration issues that undermine its security posture. Security headers are implemented, but the lack of a valid SSL certificate and disabled TLS protocols represent significant vulnerabilities. Privacy compliance is well addressed with cookie consent mechanisms and privacy policies in place. Overall, the site is professional and trustworthy but requires urgent remediation of its SSL/TLS issues to ensure secure user interactions.

V

VERITAS Verlags- und Handelsges.m.b.H.&Co.OG

veritas.at

40

VERITAS Verlags- und Handelsges.m.b.H.&Co.OG is a leading Austrian educational publisher specializing in printed and digital school books and learning materials. The company offers a broad portfolio of over 400 product lines and 80,000 digital and printed resources targeting teachers, students, and parents primarily in Austria. Their market position is strong within the Austrian education sector, supported by comprehensive digital platforms and learning apps. The website reflects a mature digital presence built on Magento Commerce, integrating modern analytics and marketing tools such as Google Analytics and New Relic. However, the website's security posture is weakened by an invalid SSL certificate and incomplete enforcement of HTTPS, which poses a risk to user trust and data security. Content Security Policy is implemented in report-only mode, indicating partial adoption of security best practices. Overall, the site is professionally designed with excellent content quality and navigation, but security improvements are necessary to enhance trust and compliance.

H

Heller Consult Tax & Business Solutions GmbH

hellerconsult.com

27

Heller Consult Tax & Business Solutions GmbH is a Vienna-based tax and business consulting firm targeting entrepreneurs and businesses primarily in Austria. The company offers a range of services including tax consulting, accounting, business consulting, digital booking, and client portals. Their market position is that of a small but professional local firm with an international network partner, InterGest® Austria, supporting clients with expansion needs. The website is well structured, professionally designed, and provides clear contact channels and trust indicators such as customer testimonials and a ProvenExpert rating widget. Technically, the site is built on TYPO3 CMS with UIkit framework and integrates analytics tools like Google Tag Manager and Hotjar. However, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical security vulnerability. Cookie consent and privacy policies are well implemented and GDPR compliant. Overall, the business presents a credible and professional image but must urgently address its SSL/TLS deficiencies to improve security and trust.

faigle Kunststoffe GmbH is a medium-sized, family-owned company specializing in thermoplastic plastic solutions for industrial sectors such as transportation, intralogistics, public transport, and manufacturing. The company offers a range of products including machined finished parts, holding loops, plastic rollers, and semi-finished products, supported by an online shop. The business is positioned as an innovative and quality-focused player with international subsidiaries and recognized certifications like the Red Dot Design Award and Creditreform creditworthiness certificate. Technically, the website uses nginx, Google Tag Manager, and Matomo Analytics, but lacks a valid SSL certificate, resulting in insecure HTTP access and weak security posture. Privacy policies and cookie consent mechanisms are comprehensive and GDPR compliant. The website is well-structured, mobile-optimized, and professionally branded, though performance is slow and accessibility is basic. Security headers are partially implemented but critical SSL/TLS deficiencies significantly reduce the security score. Overall, the domain registration is consistent and legitimate, matching the business claims.

A

Adapt Centre

adaptcentre.ie

37

The ADAPT Centre is a prominent Irish research centre specializing in AI-driven digital content technology, collaborating with leading academic institutions such as Trinity College Dublin, Dublin City University, University College Dublin, and Dublin Institute of Technology. It serves a diverse audience including industry partners, researchers, and the public, focusing on advancing AI research, fostering innovation, and supporting enterprise collaboration. The centre is well-positioned in the technology research sector with strong government funding and industry partnerships. Technically, the website is built on WordPress with a modern tech stack including Bootstrap, jQuery, and various plugins for enhanced functionality such as Gravity Forms and FacetWP. Hosting is managed by WP Engine with Cloudflare CDN providing content delivery and some security features. While the site is mobile-optimized and SEO-friendly, performance data is missing, and some accessibility features are basic. From a security perspective, the site lacks a valid SSL certificate and does not support HTTPS properly, which is a critical vulnerability. Other security headers and best practices are partially implemented, but the absence of HTTPS and HSTS significantly lowers the security posture. No explicit security or incident response policies are found on the site, and cookie consent mechanisms are missing, indicating partial privacy compliance. Overall, the website is professional and trustworthy in terms of business credibility and content quality but requires urgent improvements in security infrastructure to protect user data and comply with best practices. Strategic recommendations include implementing valid SSL/TLS certificates, enabling modern TLS protocols, and adding privacy and security policies to enhance compliance and user trust.

M

Maschinenring Schweiz

maschinenring.ch

26

Maschinenring Schweiz is a Swiss umbrella organization dedicated to fostering inter-company collaboration in agriculture. It connects members, organizes purchasing cooperatives, and offers various services to support agricultural businesses. The website is professionally designed using TYPO3 CMS and hosted on Hostpoint, with a clear structure and multilingual support. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the site's security posture. Privacy and cookie policies are well implemented with consent mechanisms, and social media presence is established on Facebook and Instagram. Overall, the site reflects a medium-sized, established non-profit entity with a strong community focus but requires urgent security improvements.

NETCONOMY GmbH is a mature technology consulting and digital platform services company founded in 2000 and based in Austria. The company focuses on helping businesses transform digitally by providing services in digital strategy, consulting and innovation, platform building, and operations excellence. Their market position is supported by long-term global customer relationships and partnerships with leading technology providers such as SAP, Google Cloud, and Microsoft Azure. Technically, the website is built on WordPress with a modern tech stack including Yoast SEO, GDPR compliance plugins, and marketing tools like HubSpot and Facebook Pixel. However, the site lacks a valid SSL certificate and HTTPS support, which is a critical security shortfall. Security headers are minimal, and no explicit security or incident response policies are published. Privacy compliance is well addressed with clear privacy and cookie policies and a consent mechanism. Overall, the website is professional and trustworthy but requires urgent improvements in SSL/TLS security to protect user data and enhance trust.

SGL Carbon is a global technology leader specializing in carbon-based materials and solutions, serving key industries such as sustainable mobility, energy, semiconductor technology, and chemical manufacturing. The company operates worldwide with a strong presence in Europe, North America, and Asia, employing approximately 4,700 people and generating significant revenue. The website reflects a mature and professional business with comprehensive content, clear branding, and a focus on sustainability and innovation. Technically, the site is built on TYPO3 CMS and integrates modern marketing and analytics tools, but suffers from a critical lack of HTTPS and valid SSL certificates, severely impacting security posture. Privacy compliance is well addressed with cookie consent mechanisms and detailed policies. Overall, the site is trustworthy and professional but requires urgent security improvements to protect users and data.

A

AF Compressors

afcompressors.com

40

AF Compressors is a well-established manufacturer specializing in oil-free piston compressors, serving industrial sectors including PET bottling. The company positions itself as a world leader with a strong focus on energy and cost savings. Their website reflects a medium-sized enterprise with a global service network and a consistent brand presence. Technically, the site is built on WordPress with modern libraries and tracking tools, but suffers from a critical lack of HTTPS and valid SSL certificates, which severely impacts security posture. Privacy policies and cookie consent mechanisms are implemented, though extensive tracking scripts may affect privacy compliance. Overall, the site is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

S

Stryker

stryker.com

40

Stryker is a large multinational healthcare company specializing in medical devices and healthcare solutions, serving a global audience including healthcare professionals and patients. The website serves as an international homepage with localized country sites, reflecting a broad global presence. Technically, the site is built on Adobe Experience Manager and hosted via AWS CloudFront, utilizing various marketing and analytics technologies such as Adobe DTM, Google Analytics, and Marketo. However, the website lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security deficiency. Security headers are implemented but cannot compensate for the absence of HTTPS. Privacy and cookie policies are not found, and no explicit contact information is provided on the homepage, which impacts privacy compliance and user trust. Overall, the site demonstrates moderate business credibility but requires urgent improvements in security and privacy compliance to meet modern standards.

S

Schäfer Shop Deutschland

schaefer-shop.de

36

Schäfer Shop Deutschland is a well-established e-commerce retailer specializing in office furniture, office supplies, and warehouse equipment, serving primarily business customers across Europe. With over 50 years of experience, the company offers a comprehensive product range exceeding 85,000 items, emphasizing quality, service, and fast delivery. The website reflects a mature digital presence with professional design, clear navigation, and multi-language support for various European markets. Technically, the site employs modern marketing and analytics tools including Usercentrics for consent management, Google Tag Manager, and Adobe Experience Cloud, ensuring compliance with privacy regulations and effective user tracking. However, a critical security concern is the absence of a valid SSL certificate and lack of HTTPS support, which significantly undermines the site's security posture and user trust. Despite this, the site maintains strong trust indicators such as ISO certifications, Trusted Shops membership, and sustainability awards. Overall, while the business and technical maturity are high, immediate remediation of SSL/TLS issues is essential to secure the platform and protect customer data.

B

Belimed INC.

belimed.com

40

Belimed INC. is a large healthcare-focused company specializing in medical and surgical instrument sterilization, disinfection, and cleaning products and services. The company positions itself as a trusted partner in advancing medical care and protecting patient and staff safety, with a global presence and over 1,000 employees across nine countries. Their business model is primarily B2B, serving sterile processing departments and healthcare providers with a comprehensive portfolio including washer-disinfectors, sterilizers, digitalization solutions, and training services. Technically, the website is built on modern frameworks such as Nuxt.js and Vue.js, with Tailwind CSS for styling. It integrates multiple analytics and marketing tools including Google Analytics, Facebook Connect, LinkedIn Pixel, and Calendly. The site is well-optimized for mobile and accessibility, with clear navigation and professional design. However, the SSL certificate is invalid or missing, which significantly impacts the security posture. From a security perspective, the site implements several important HTTP security headers and a restrictive Content-Security-Policy, but the lack of a valid SSL certificate and incomplete HSTS implementation are critical weaknesses. No explicit security or incident response policies are found, and there is no vulnerability disclosure or security.txt file. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place. Overall, the website is professional and trustworthy from a business and content perspective but requires urgent remediation of SSL issues to improve security and user trust. Strategic improvements in security policy transparency and incident response readiness are also recommended.

H

HKR Architects

hkrarchitects.com

37

HKR Architects is an established international architecture and urban design firm founded in 1992, with offices in London, Dublin, Dubai, and Abu Dhabi. The company offers a range of architectural services including masterplanning and modular design, targeting clients seeking professional architectural solutions globally. The website reflects a professional and consistent brand presence with clear navigation and relevant content tailored to its target audience. Technically, the site is built on the Squarespace platform, leveraging modern web fonts and Google Tag Manager for analytics, but lacks performance metrics for a full assessment. Security posture is weak due to the absence of a valid SSL certificate and disabled HTTPS, exposing users to potential risks. Privacy compliance is basic with a cookie banner and privacy policy present, but GDPR compliance is not clearly demonstrated. Overall, the site is credible and professional but requires urgent security improvements to protect visitors and enhance trust.

I

ICW Group

icwgroup.com

36

ICW Group is a national commercial insurance provider specializing in workers' compensation, catastrophe insurance, and assumed reinsurance coverage. The company targets businesses seeking comprehensive insurance solutions and risk management services. Their website reflects a mature digital presence built on WordPress with Elementor, featuring well-structured content, clear navigation, and integration with multiple marketing and analytics tools such as Hotjar, Pardot, and Google Tag Manager. However, the site lacks a valid SSL certificate, which significantly impacts its security posture. While cookie consent mechanisms and privacy policies are in place, explicit security policies and incident response information are absent. Overall, the website demonstrates good business credibility and user experience but requires urgent improvements in security to protect user data and enhance trust.

N

NNZ United States

nnzusa.com

40

NNZ United States is a well-established multinational packaging company with a history dating back to 1922. The company specializes in providing customized packaging solutions primarily for the fresh produce and industrial sectors. It operates through a broad network of subsidiaries across Europe, North America, and Africa, positioning itself as a market leader with a strong emphasis on sustainability and innovation. The website reflects a professional and comprehensive digital presence, offering detailed product portfolios, sustainability initiatives, and corporate information. Technically, the website is built on WordPress with modern tools such as Gravity Forms and Google Tag Manager integrated for analytics and marketing. While the site is well-structured, mobile-optimized, and SEO-friendly, it suffers from a critical security shortfall: the absence of a valid SSL certificate and HTTPS support, which significantly impacts its security posture. Security headers are properly configured, but the lack of encryption undermines user trust and data protection. The company demonstrates good privacy compliance with clear privacy and cookie policies, including consent mechanisms. Contact information is readily available, including phone numbers, physical address, and contact forms, enhancing business credibility. However, no explicit security policy or incident response information is found on the site. Overall, NNZ USA presents a strong business and digital profile but must urgently address its SSL/TLS configuration to improve security and trustworthiness. Strategic improvements in this area will enhance user confidence and align the website with modern security standards.

P

Pointy Hills Media Ltd

fall-line.co.uk

35

Fall Line Skiing is a specialized UK-based media company operating a ski magazine and website focused on ski gear reviews, resort guides, and skiing stories. The company targets ski enthusiasts and offers subscriptions, single issue sales, advertising, and an e-commerce shop. The website is built on WordPress with WooCommerce and uses modern marketing and analytics tools, including Google Analytics, Tag Manager, and Microsoft Clarity. The content quality and branding are excellent, with clear navigation and professional design. However, the website lacks a valid SSL certificate and HTTPS support, which is a critical security vulnerability. Security headers are present but insufficient without HTTPS. Privacy and cookie policies are comprehensive and GDPR compliant, with consent mechanisms implemented. Contact information is clearly provided, including a UK physical address and phone number. Overall, the website is trustworthy but requires urgent security improvements to protect user data and enhance trust.