Security Directory

E

Emerson Electric Co.

flexim.com

40

The website flexim.com serves as a comprehensive brand page for Flexim, a division of Emerson Electric Co., specializing in non-intrusive, clamp-on ultrasonic flow meters for liquids, gases, and steam. The site positions Flexim as an industry leader with a strong focus on industrial and energy sectors, offering a wide range of products, services, and customer support resources. The content is rich, professionally designed, and well-structured, targeting industrial customers and professionals seeking advanced flow measurement solutions. Technically, the site employs modern web technologies including Bootstrap, Google Tag Manager, and Visual Website Optimizer, hosted behind Cloudflare for performance and security. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, significantly impacting the site's security posture. Privacy and compliance measures are well addressed with clear privacy and cookie policies, and incident response channels are available. Overall, the site demonstrates high business credibility and digital maturity but requires urgent remediation of its SSL/TLS configuration to ensure secure user interactions and maintain trust.

P

PXP Financial

pxpfinancial.com

40

PXP Financial is a UK-based payment technology company offering a unified commerce platform that simplifies global payments and commerce operations. The company targets a broad range of industries including retail, hospitality, gaming, and travel, providing services such as point of sale, eCommerce, acquiring, and cross-border payments. Their platform emphasizes intelligent payment routing, real-time business intelligence, and self-service capabilities, positioning them as a modern and innovative player in the payment solutions market. Technically, the website is built on HubSpot CMS with integrations of popular marketing and analytics tools such as Google Analytics, Hotjar, and Cookiebot for privacy compliance. However, the security posture is weakened by the absence of a valid SSL certificate and lack of modern TLS protocol support, which is a critical issue for a financial services provider. The domain registration is consistent and mature, registered with a reputable UK registrar, and the business is FCA authorized, enhancing credibility. Overall, the website is professional and content-rich but requires urgent improvements in SSL/TLS security to meet industry standards and protect user data.

C

Campaigning Bureau

campaigning-bureau.com

24

Campaigning Bureau is a well-established political campaigning agency based in Austria with offices in Vienna and Berlin. They specialize in movement campaigning, political communication, stakeholder mobilization, and ESG communication, serving political actors, companies, NGOs, and organizations. The company holds a strong market position in Europe, supported by international awards and recognition as a top employer. Technically, the website employs modern tracking and consent management tools such as Google Tag Manager and Truendo CMP, but suffers from slow load times and lacks a valid SSL certificate, which impacts security and user trust. The security posture is basic with no HTTPS and missing security headers, representing a critical vulnerability. Privacy compliance is well addressed with clear cookie consent mechanisms and comprehensive privacy policies. Contact information is transparent and complete, enhancing business credibility. Overall, the website is professional and content-rich but requires urgent security improvements to protect user data and improve trust.

D

Dorotheum GmbH & Co KG

dorotheum.com

40

Dorotheum GmbH & Co KG operates the largest auction house in Central Europe, specializing in art, antiques, jewelry, and collectibles with over 300 years of experience. The company holds numerous auctions annually, both online and in physical salerooms, and offers additional services such as private sales and expert consultations. The website is professionally designed, content-rich, and targets collectors, buyers, and sellers in the art and luxury goods market primarily in Austria and surrounding regions. Technically, the site is built on TYPO3 CMS with modern frontend libraries and integrates analytics and marketing tools like Google Tag Manager and Facebook Pixel. However, the absence of a valid SSL certificate and lack of security headers represent significant security weaknesses. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. Overall, the site demonstrates strong business credibility but requires urgent improvements in security posture to protect user data and enhance trust.

E

Ecker & Partner

eup.at

24

Ecker & Partner is a well-established PR and Public Affairs agency based in Vienna, Austria, offering a broad range of communication services including crisis communication, litigation PR, digital content, and storytelling. The company positions itself as a leading agency in its sector with a strong network and long-standing client relationships. Technically, the website is built on WordPress with common marketing and analytics integrations but suffers from a critical lack of a valid SSL certificate, resulting in insecure HTTP connections. The site is content-rich and professionally designed but experiences slow load times and lacks some security best practices. Privacy compliance is partial, with a cookie consent banner present but no visible privacy policy page. Overall, the business credibility is high, but the security posture requires urgent improvement to protect user data and trust.

Bühler Group is a well-established enterprise specializing in manufacturing and technology solutions primarily for the food processing and advanced materials industries. The company offers a broad portfolio of industrial solutions, including extrusion, milling, and process technologies, supported by global services such as maintenance, expert consulting, and training centers. Their website reflects a mature digital presence with consistent branding and comprehensive corporate governance information. Technically, the site is built on Adobe Experience Manager and hosted on AWS infrastructure with CloudFront CDN, leveraging modern marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and LinkedIn Insight Tag. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, severely impacting the site's security posture. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR consent mechanisms on forms. Overall, Bühler Group's website demonstrates strong business credibility and content quality but requires urgent improvements in SSL/TLS security to protect user data and enhance trust.

S

Stefanel

stefanel.com

38

Stefanel is a European retail and e-commerce brand specializing in women's fashion, operating a multi-country website with localized country selectors. The business targets European consumers seeking stylish women's clothing. The website is built on the Salesforce Commerce Cloud (Demandware) platform and uses various marketing and analytics tools including Google Tag Manager, CQuotient, and LiveStory. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security flaw. Privacy compliance is partially addressed with a OneTrust cookie consent mechanism, but no privacy policy or terms of service are found on the splash page. Contact information is also absent, limiting user trust and support options.

T

TEUFELBERGER Ges.m.b.H.

teufelberger.com

27

TEUFELBERGER Ges.m.b.H. is a family-owned, international manufacturing group specializing in fiber ropes, steel wire ropes, and strapping solutions. The company serves industrial sectors including construction, marine, mining, forestry, and safety equipment, positioning itself as a diversified leader in rope manufacturing. Their website reflects a comprehensive product catalog and detailed service offerings, targeting industrial clients globally. Technically, the website is built on Magento Commerce with modern JavaScript libraries and marketing tools such as Google Tag Manager and MailerLite, indicating a mature digital infrastructure. However, performance metrics are lacking, and the site currently lacks a valid SSL certificate, which is a critical security deficiency. Security headers are present but the absence of HTTPS and modern TLS protocols significantly weakens the security posture. Privacy compliance is well addressed with clear privacy and cookie policies, and GDPR compliance indicators are evident. Contact information is transparent and includes physical address, phone numbers, and company emails, enhancing business credibility. Overall, while the business and content quality are strong, urgent improvements in SSL/TLS configuration and security practices are recommended to protect user data and improve trust.

Heidelberger Druckmaschinen AG (HEIDELBERG) is a globally recognized leader in the manufacturing and supply of printing and packaging solutions, including offset and digital printing technologies, post-press packaging machines, and related software and services. The company targets commercial, packaging, and label printing companies worldwide, positioning itself as a market leader with a comprehensive product and service portfolio. The website reflects a mature digital presence with rich content, clear navigation, and strong branding, supporting its enterprise-level stature. Technically, the site uses modern web technologies and tracking tools but lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security gap. Security headers are present but ineffective without SSL, and no explicit security or incident response policies are published. Privacy compliance is partially addressed with a comprehensive privacy policy but lacks a cookie consent mechanism despite tracking scripts. WHOIS data confirms domain legitimacy and consistency with the company’s identity. Overall, the site is professional and trustworthy but requires urgent security improvements to meet modern standards.

M

Microlife AG

microlife.ch

37

Microlife AG is a well-established Swiss company specializing in the development and production of medical diagnostic devices such as blood pressure monitors, thermometers, and respiratory therapy equipment. The company holds a strong market position as a world leader in healthcare technology, targeting both home users and healthcare institutions. Their website reflects a professional and consistent brand image with multilingual support and a comprehensive product portfolio. Technically, the website uses modern JavaScript and tracking tools but lacks a valid SSL certificate, which is a significant security concern. The absence of HTTPS undermines user trust and exposes data to interception risks. Privacy compliance is well addressed with a cookie consent mechanism and clear privacy policies. However, no explicit security or incident response policies are publicly available. Overall, the site is functional and informative but requires urgent security improvements to align with best practices and user expectations.

F

Fenster. Türen. KATZBECK.

katzbeck.at

35

KATZBECK FensterGmbH Austria is a well-established manufacturer specializing in high-quality, custom windows and doors produced exclusively in Austria since 1950. The company emphasizes sustainability, regional production, and premium craftsmanship, targeting both end consumers and professional partners within Austria. Their website reflects a mature digital presence built on WordPress with the Divi theme, incorporating modern web technologies and user-friendly design. However, a critical security gap exists due to the absence of an SSL/TLS certificate, exposing users to potential risks. The site implements GDPR-compliant privacy and cookie policies, with clear contact channels and a professional content structure. To enhance trust and security, immediate implementation of HTTPS and additional security headers is recommended.

M

Melitta

melitta.com

40

Melitta is a well-established company specializing in coffee products and related services, operating a professional website that serves both consumers and B2B partners. The site provides comprehensive information about the company, its sustainability initiatives, and customer service options, supported by a consistent brand presence and active social media engagement. The technical infrastructure leverages modern JavaScript libraries, Google Analytics, and Cloudflare CDN services, with good mobile optimization and accessibility features implemented via a third-party widget. However, the website's security posture is weakened by an invalid SSL certificate and lack of enabled TLS protocols, which poses risks to data confidentiality and user trust. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place. Overall, the website is functional and professional but requires urgent remediation of SSL and TLS issues to improve security and trustworthiness.

Julius Meinl is a well-established premium coffee and tea company with a rich heritage dating back to 1862. The company operates globally, targeting both business customers such as coffee houses, hotels, and restaurants, as well as home consumers. Their offerings include high-quality coffee and tea products, professional equipment, and tailored services including training. The website reflects a strong brand identity consistent with their market position as a premium hospitality supplier. Technically, the site is built on Microsoft IIS with ASP.NET and Kentico CMS, hosted on Azure, and integrates modern analytics and marketing tools. However, the site suffers from a critical security issue due to an invalid SSL certificate, resulting in no HTTPS availability, which significantly impacts user trust and security posture. Privacy compliance is partial, with no visible cookie consent mechanism despite tracking scripts. Contact information is primarily via forms and social media, with no explicit emails or phone numbers published. Overall, the site is professional and content-rich but requires urgent security improvements.

Watts LLC is a well-established enterprise manufacturing and supplying plumbing, heating, water quality, drainage, and HVAC solutions globally. Founded in 1874 and headquartered in North Andover, Massachusetts, the company operates a broad portfolio of subsidiary brands and targets professionals and businesses in water technology sectors. The website reflects a mature digital presence with comprehensive content, strong branding consistency, and clear navigation tailored for a professional audience. Technically, the site leverages Sitecore CMS, Cloudflare hosting, and modern JavaScript libraries to deliver a good user experience with mobile optimization and accessibility features. However, the security posture is notably weak due to the absence of a valid SSL certificate and HTTPS support, which poses significant risks to user trust and data protection. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is professional and credible but requires urgent security improvements to align with best practices.

M

MERKUR trgovina d.o.o.

merkur.si

24

Merkur.si is a large Slovenian retail company specializing in home improvement, construction, gardening, personal care, and energy solutions. The company operates both physical stores and an extensive e-commerce platform, offering a wide range of products and services including financing options and expert consultations. The website is well-designed, user-friendly, and rich in content, targeting Slovenian consumers and businesses. Technically, the site is built on Magento with modern JavaScript frameworks and integrates multiple third-party marketing and analytics tools. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap, exposing users to potential risks. The site implements several security headers and privacy policies with consent mechanisms, indicating good privacy compliance. Overall, the business is legitimate and well-established, but urgent improvements in SSL/TLS implementation are recommended to enhance security and trust.

elektrabregenz.com is the official website of a large Austrian household appliance brand, part of the Beko corporate group. The site offers a comprehensive product catalog including cooling, cooking, dishwashing, and laundry appliances, targeting both consumers and retailers in Austria and German-speaking regions. The business is positioned as a major player in the European white goods market with a strong parent company backing and a wide product range. Technically, the website is built on Adobe Experience Manager and delivered via Akamai CDN, with modern marketing and analytics tools such as Google Tag Manager and OneTrust for cookie consent. However, the absence of a valid SSL/TLS certificate is a critical security gap, exposing users to potential risks and undermining trust. Privacy policies and cookie consent mechanisms are present and well-implemented, supporting GDPR compliance. Overall, the site demonstrates good content quality and business credibility but requires urgent security improvements to enable HTTPS and modern TLS protocols.

T

Trenkwalder Group AG

trenkwalder.com

40

Trenkwalder Group AG is a large, established HR services provider operating across multiple European countries. The company offers a range of services including HR service, outsourcing, and technology solutions, targeting both job seekers and corporate clients. Their digital presence is supported by modern web technologies such as Next.js and Storyblok CMS, hosted likely on Microsoft Azure infrastructure. The website is professionally designed with good content quality and clear navigation, supporting multiple languages and country-specific domains. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap that undermines user trust and data protection. Security headers are well implemented but cannot compensate for the lack of encryption. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism or terms of service detected. The company maintains a strong social media presence and provides clear contact information, enhancing business credibility. Overall, the website demonstrates moderate digital maturity but requires urgent security improvements to meet modern standards.

OBI is a leading German home improvement and garden retailer with a strong online and physical presence. The website offers a comprehensive range of products and services including project planning, rental services, and loyalty programs. Technically, the site uses modern frameworks like Vue.js and Nuxt.js, hosted on AWS CloudFront, with extensive use of third-party analytics and marketing tools. However, the absence of a valid SSL certificate and HTTPS support is a critical security flaw that undermines user data protection. The site is well-structured, mobile-optimized, and provides clear contact and business information, supporting a high level of trustworthiness. Strategic improvements in security and privacy compliance are recommended to enhance overall risk posture.

G

GeoVille Information Systems and Data Processing GmbH

geoville.com

26

GeoVille Information Systems and Data Processing GmbH is a medium-sized Austrian technology company specializing in satellite-based Earth Observation services. With over 25 years of experience and a global footprint spanning 140 countries and 510 implementations, GeoVille offers a range of services including satellite imagery, data access, land monitoring analytics, platform interfaces, and advisory capacity building. Their target audience includes government agencies, environmental organizations, and sectors such as energy, security, and urban planning. The website is built on TYPO3 CMS with modern frontend technologies and demonstrates good design and navigation, though performance data is limited. From a technical perspective, the website uses Apache server technology and integrates libraries such as Bootstrap, jQuery, FontAwesome, and Google Tag Manager. However, the site lacks HTTPS encryption, which is a critical security deficiency. Security headers are minimal, and no advanced security mechanisms like HSTS or OCSP stapling are enabled. Privacy compliance is basic, with a privacy policy page present but no cookie consent mechanism detected. Contact information is limited to a contact form, with no direct emails or phone numbers published. The security posture is weak due to the absence of SSL/TLS, exposing users to potential interception risks. No incident response or vulnerability disclosure policies are published, which could impact trust. The domain registration data is consistent with the company's claims, showing a long-established presence since 1998. Social media presence is strong, supporting business credibility. Overall, the website is professionally designed and content-rich but requires urgent security improvements, especially enabling HTTPS and enhancing privacy compliance. Strategic recommendations include installing a valid SSL certificate, implementing cookie consent mechanisms, publishing security policies, and improving contact transparency to enhance trust and compliance.

C

CrateDB

crate.io

40

CrateDB operates as a technology company specializing in a real-time unified data layer that supports analytics, search, and AI workloads. Their platform enables rapid ad-hoc querying, hybrid search capabilities, and seamless AI model integration, targeting developers and enterprises requiring scalable, high-performance data solutions. The website demonstrates a strong market position with customer testimonials, industry use cases, and active engagement through webinars and events. Technically, the site is built on HubSpot CMS with integrations for analytics and marketing tools, but suffers from slow load times and lacks a valid SSL certificate, which is a critical security concern. Privacy compliance is well addressed with a cookie consent mechanism and a comprehensive privacy policy. Overall, the business credibility is high, supported by consistent branding and trust signals.

G

Grupo La República Publicaciones

larepublica.pe

34

La República.pe is a prominent Peruvian news media company providing comprehensive news coverage across multiple domains including politics, economy, sports, entertainment, and international affairs. The website offers rich multimedia content such as videos, podcasts, and live updates, targeting Spanish-speaking audiences primarily in Peru. The company is well-established since 1981 and operates several subsidiary and partner sites, reinforcing its market presence. Technically, the site is built on modern web technologies including React and Next.js, hosted on Amazon CloudFront, and integrates advertising and analytics tools like Google Tag Manager, Teads, and Taboola. The site is mobile-optimized and SEO-friendly, providing a good user experience with clear navigation and professional design. From a security perspective, the site currently suffers from an invalid SSL certificate, which is a critical issue that undermines user trust and secure communications. Other security best practices such as HSTS, OCSP stapling, and DNSSEC are not implemented, indicating room for improvement. Privacy compliance is partial, with a comprehensive privacy policy but no detected cookie consent mechanism. Overall, the site is a high-quality, trusted news source with strong business credibility but needs urgent attention to its SSL configuration and privacy compliance to enhance security and user trust.

M

Mississippi University for Women

muw.edu

33

Mississippi University for Women (The W) is a public co-educational university founded in 1884, offering a broad range of undergraduate and graduate programs with a strong emphasis on academic excellence and leadership development. The university holds a solid market position in the southern United States, recognized for low student debt and transfer student friendliness. The website reflects a professional and comprehensive digital presence, targeting prospective and current students, faculty, staff, and alumni. The content is rich, well-structured, and supported by active social media channels and event management tools.

U

USP Indicator Solutions GmbH

usp.at

28

USP Indicator Solutions GmbH is a specialized service provider that helps R&D and marketing teams in the consumer goods industry translate complex scientific claims into compelling demo assets. The company has a strong market presence with over 400 brands served, including major global names such as L'Oréal, Johnson & Johnson, and Bayer. Their key services include demo creation, real demo videos, product and claim demos, and digital experiences embedding AI and custom algorithms. The website reflects a mature digital infrastructure built on WordPress with Elementor and WooCommerce, supported by LiteSpeed hosting and modern web technologies. Privacy and cookie policies are well implemented with GDPR compliance and consent mechanisms. However, the security posture is weakened by the absence of a valid SSL certificate and incomplete HTTPS configuration, which poses a critical risk to user trust and data security. Strategic improvements in SSL deployment and security headers are recommended to enhance the overall security and compliance stance.

R

realme

realme.com

39

realme is a large technology company focused on the European market, offering smartphones, IoT devices, and accessories through a direct-to-consumer e-commerce model. The website is professionally designed with consistent branding and supports multiple regional versions and languages. The technical infrastructure leverages modern JavaScript frameworks such as Vue.js, and integrates payment solutions from Adyen and PayPal, indicating a mature digital presence. However, the security posture is weak due to the absence of a valid SSL certificate and HTTPS support, which is a critical issue for user trust and data protection. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. Contact information is primarily via email, with no phone numbers or physical addresses found on the site.

I

Institute of Brand Logic

brand-logic.com

22

Institute of Brand Logic is a professional consulting firm specializing in brand strategy, growth strategies, and organizational development with over 25 years of experience. The company operates primarily in Austria with offices in Innsbruck, Vienna, and Munich. Their website is well-designed, content-rich, and targets businesses and executives seeking to strengthen their market position through integrated brand and business development strategies. Technically, the website runs on WordPress with common plugins for multilingual support and performance optimization. However, a critical security gap exists as the site lacks a valid SSL certificate and HTTPS support, exposing visitors to potential risks. Privacy compliance is addressed with a cookie consent mechanism and a comprehensive privacy policy. Business credibility is supported by client testimonials and professional presentation. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

K

Kollective Technology

kontiki.com

39

Kollective Technology operates a sophisticated enterprise video and collaboration platform focused on delivering observability, analytics, and optimization for large-scale video events. The company targets large enterprises and IT leadership teams, positioning itself as a leader in the technology sector with AI-powered solutions. The website is professionally designed, content-rich, and well-branded, reflecting a mature digital presence. Technically, the site is built on WordPress with modern plugins and integrations, hosted behind Cloudflare, and uses various marketing and analytics tools. However, the security posture is weak due to the absence of a valid SSL certificate and lack of HTTPS, which poses significant risks. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site demonstrates strong business credibility but requires urgent security improvements.

S

SABIC

sabic.com

40

SABIC is a large multinational petrochemical company headquartered in Saudi Arabia, specializing in manufacturing and supplying polymers, chemicals, specialties, and agri-nutrients. The website reflects a mature enterprise with a comprehensive digital presence targeting industrial customers, investors, and job seekers. The content is professionally presented with clear navigation and consistent branding. Technically, the site uses ASP.NET technology with modern JavaScript libraries and Google Tag Manager for analytics and marketing. However, the SSL/TLS configuration is critically flawed with no valid certificate and no TLS protocols enabled, severely impacting security posture. Privacy compliance is strong with clear policies and cookie consent mechanisms. Overall, the site is trustworthy and professional but requires urgent remediation of HTTPS and SSL issues to ensure secure user interactions.

N

NTS Retail

ntsretail.com

28

NTS Retail is a specialized B2B software provider offering smart commerce and retail management solutions primarily for telecommunications operators and specialist retailers. The company positions itself as a preferred partner for leading telco brands worldwide, delivering unified commerce platforms and tailored retail management services. Their website reflects a professional and consistent brand image with strong client references and active social media engagement. Technically, the website is built on Drupal CMS, hosted on Azure DNS infrastructure, and utilizes Apache server technology. It incorporates modern JavaScript libraries and analytics tools such as Matomo and Google Tag Manager. However, the website suffers from a critical security shortfall due to the absence of a valid SSL certificate, resulting in no HTTPS support. This significantly impacts the security posture and user trust. Security-wise, while some security headers are implemented, the lack of HTTPS, HSTS, and incident response information exposes the site to risks and compliance gaps. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site demonstrates good business credibility but requires urgent security improvements. Strategically, the company should prioritize securing its website with HTTPS, implement comprehensive privacy and cookie consent mechanisms, and publish clear security policies and incident response contacts to enhance trust and compliance.

KTM Sportmotorcycle GmbH operates a professionally designed and content-rich website targeting motorcycle enthusiasts primarily in Finland and Europe. The company is a leading European manufacturer of high-performance street and offroad motorcycles, supported by a large-scale business model including sales, parts, accessories, and motorsport activities. The website leverages modern technologies such as Adobe Experience Manager, Scene7 Dynamic Media, and Google Tag Manager, indicating a mature digital infrastructure. However, a critical security weakness is present due to an invalid SSL certificate and lack of TLS protocol support, which undermines secure communications. Privacy and cookie policies are well implemented and GDPR compliant, supporting good privacy practices. Overall, the website is trustworthy and professional but requires urgent security improvements to protect user data and maintain trust.

S

Scheuch Group

scheuch.com

40

Scheuch Group is a well-established Austrian company specializing in industrial air cleaning and environmental technology solutions, holding a world market leader position since its founding in 1963. The company offers comprehensive services including devices, components, assembly, and consulting tailored to various industries. Their website reflects a professional digital presence with multilingual support and clear business information targeting industrial clients. Technically, the site is built on WordPress with modern plugins and frameworks, but suffers from a critical security weakness due to the absence of a valid SSL/TLS certificate, resulting in no HTTPS support. Security headers are partially implemented, but the lack of encryption significantly undermines the site's security posture. Privacy compliance is strong, with a comprehensive privacy policy and cookie consent mechanism via Cookiebot. Overall, the site is trustworthy and professionally maintained, but urgent improvements in SSL/TLS configuration are necessary to enhance security and user trust.

QCM Holding is a Swiss-based aviation competence center specializing in regulatory and Part-147 training, design approvals, aircraft technical management, and consulting services. With over 25 years of industry presence and recent ownership transition, QCM maintains a strong market position serving aviation professionals and organizations. The website reflects a professional and comprehensive service offering with clear navigation and relevant content. Technically, the site is built on WordPress with WooCommerce and uses modern plugins and analytics tools, but lacks a valid SSL certificate, which significantly impacts its security posture. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the business demonstrates credibility and trustworthiness, though the security weaknesses present a risk that should be addressed promptly.

M

Minimax GmbH

minimax.de

37

Minimax GmbH is a well-established leader in the fire protection industry with over 120 years of experience. The company offers a broad range of fire detection, suppression, and prevention systems tailored for various industries including energy, manufacturing, and transportation. Their market position is strong, supported by a comprehensive portfolio of products and services, including maintenance and training. The website reflects a professional and consistent brand image targeting industrial and commercial clients seeking reliable fire safety solutions. Technically, the site uses modern JavaScript modules, a CDN for content delivery, and integrates popular analytics and marketing tools such as Google Analytics and Facebook Pixel. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, leaving the site vulnerable to interception and undermining user trust. Security headers are properly configured, but the lack of HTTPS significantly lowers the security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is functional and professional but requires urgent security improvements to align with best practices and protect users.

R

Rechberger Ges.m.b.H.

rechberger.at

21

Rechberger Ges.m.b.H. is a well-established Austrian company specializing in gastronomy and hotel supplies, with a strong market position in Austria and Bavaria. The company offers a broad product range including porcelain, glassware, cutlery, and professional kitchen equipment, supported by a large team of specialized consultants and an online shop. The website is professionally designed, content-rich, and targets B2B customers in hospitality and retail sectors. Technically, the site uses the Contao CMS with modern JavaScript libraries and integrates Google Tag Manager for analytics. However, the lack of a valid SSL certificate and HTTPS support significantly weakens the security posture, exposing users to risks. Privacy compliance is well addressed with clear policies and cookie consent mechanisms. Overall, the business credibility is high, but security improvements are critical.

O

oe24.at

oe24.at

36

Oe24.at is a prominent Austrian online news portal delivering comprehensive news coverage, multimedia content, and subscription services targeting German-speaking audiences interested in Austrian and global events. The website integrates advanced advertising and analytics technologies, including Google Tag Manager, Relevant Digital, and Piano subscription management, reflecting a mature digital infrastructure. However, a critical security deficiency is the absence of a valid SSL certificate and HTTPS support, exposing users to potential risks. The site demonstrates strong privacy compliance with detailed GDPR-aligned policies and consent mechanisms. Overall, while content and business credibility are solid, urgent improvements in security posture are necessary to protect user data and maintain trust.

A

AFEC

afec.fr

21

AFEC is a well-established French professional training organization specializing in continuing education and alternance programs. Founded in 1975, it serves job seekers, apprentices, and employees aiming to develop skills or change careers. The website presents a comprehensive portfolio of training services, including certifications, VAE accompaniment, and competency assessments, supported by strong trust signals such as Qualiopi certification and partner endorsements. Technically, the site is built on WordPress with common plugins and tracking tools, but suffers from a critical security weakness due to the absence of a valid SSL certificate and HTTPS support, exposing users to potential risks. Privacy compliance is well addressed with visible GDPR and cookie policies, including consent mechanisms. Overall, the site offers good content quality and user experience but requires urgent security improvements to protect user data and enhance trust.

A

ARCOTEL Hotels

arcotelhotels.com

35

ARCOTEL Hotels is a medium-sized hospitality group operating multiple hotels across Austria and Germany, focusing on urban locations and sustainable hospitality practices. The website presents a professional and consistent brand image with comprehensive content about their services, sustainability certifications, and direct booking advantages. Technically, the site uses a mix of legacy and modern technologies, including PHP 5.6.40, Bootstrap 4, and various JavaScript libraries, hosted on Amazon CloudFront CDN. However, the absence of a valid SSL certificate and use of outdated PHP versions represent significant security risks. Privacy and cookie policies are well implemented with consent mechanisms, and analytics usage is moderate with Google services. Overall, the site is functional and trustworthy but requires urgent security improvements to protect user data and enhance trust.

S

Smaply GmbH

morethanmetrics.com

37

Smaply GmbH operates a professional SaaS platform focused on customer journey mapping and experience management. The company targets enterprise and professional users such as UX designers, product managers, and service designers. Their market position is supported by strong trust indicators including ISO 27001 and SOC-2 certifications, GDPR compliance, and customer testimonials. The website content is rich, well-structured, and professionally designed, reflecting a mature digital presence. Technically, the site is built on Webflow with integrations for analytics and marketing automation, hosted on Cloudflare and AWS infrastructure. However, a critical security gap exists as the site lacks a valid SSL/TLS certificate and serves content over HTTP only, severely impacting security posture and trust. Privacy compliance is well addressed with cookie consent mechanisms and comprehensive policies. Overall, the business appears legitimate and trustworthy, but the lack of HTTPS is a major risk that should be remediated immediately.

S

Storyclash GmbH

storyclash.com

40

Storyclash GmbH operates a sophisticated AI-powered influencer marketing platform targeting marketers, brands, and agencies. The platform offers comprehensive services including influencer discovery, market insights, campaign management, and performance tracking across major social media platforms like Instagram, TikTok, and YouTube. The company is positioned as a leading solution in the influencer marketing space with strong brand partnerships and positive customer testimonials. Technically, the website employs modern frameworks such as Bootstrap and integrates multiple analytics and marketing tools including Amplitude, Google Tag Manager, HubSpot, and Intercom, reflecting a mature digital infrastructure. However, the absence of a valid SSL certificate and lack of essential security headers represent significant security vulnerabilities that could impact user trust and data protection. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website demonstrates high professionalism and business credibility but requires urgent security improvements to enhance its security posture and user trust.

HEWI Heinrich Wilke GmbH is a well-established German manufacturer specializing in sanitary and hardware solutions with a strong emphasis on universal design and accessibility. The company offers a wide range of products and services targeting professional care, public, hotel, education, and home sectors. Their website reflects a mature digital presence with comprehensive content, multi-language support, and integration of modern web technologies such as Pimcore CMS and Google Tag Manager. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts the site's security posture. While privacy policies and consent mechanisms are implemented, the lack of advanced security configurations like DMARC, DNSSEC, and CAA records suggests room for improvement in domain and email security. Overall, the business demonstrates high credibility and professionalism, but urgent remediation of SSL and TLS issues is recommended to protect user data and enhance trust.

S

Starlinger & Co GmbH

starlinger.com

39

Starlinger & Co GmbH operates as a world-leading supplier of machinery for woven plastic packaging production and plastics recycling. The company offers comprehensive turnkey solutions covering the entire packaging lifecycle, including engineering, financing, after-sales service, and training. Their website reflects a mature B2B business model targeting manufacturers and recyclers globally, with a strong emphasis on sustainability and closed-loop packaging solutions. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and includes tracking and consent management tools such as Google Tag Manager and Cookiebot. However, the website suffers from a critical security weakness due to the absence of a valid SSL certificate and lack of HTTPS support, which significantly impacts its security posture. Privacy compliance is well addressed with clear privacy and cookie policies. Overall, the site is professional and content-rich but requires urgent security improvements to protect user data and maintain trust.

T

T-Mobile Austria GmbH

t-mobile.at

38

T-Mobile Austria GmbH operates the website t-mobile.at, branded as Magenta, providing telecommunications services including mobile telephony, internet, and TV packages primarily targeting Austrian consumers and businesses. The website is professionally designed, mobile-optimized, and rich in content, reflecting a mature digital presence. The technical infrastructure leverages Adobe Experience Manager CMS, modern JavaScript libraries, and integrates Google Tag Manager and Usercentrics for analytics and consent management. However, a critical security gap exists as the website lacks a valid SSL certificate and does not serve content over HTTPS, exposing users to potential risks. Security headers are partially implemented, but transport security is insufficient. Privacy and legal policies are comprehensive and GDPR compliant, with clear contact information and social media presence enhancing trust. Overall, the site is credible and well-positioned in the Austrian telecommunications market but urgently requires HTTPS implementation to improve security posture.

ATP architekten ingenieure is a well-established European architecture and engineering firm specializing in integrative planning and sustainable building solutions using Building Information Modeling (BIM). With over 1,500 employees and 14 locations across Europe, the company holds a strong market position as a BIM pioneer and leader in sustainable architecture. The website reflects a high level of professionalism, comprehensive project portfolios, and active engagement with clients through social media and contact forms. Technically, the site uses modern frameworks like Astro and is hosted on Netlify, but suffers from a critical security issue due to an invalid or missing SSL certificate, which undermines the security posture. Privacy and cookie policies are present and GDPR compliant, supporting good privacy practices. Overall, the site is content-rich and user-friendly but requires urgent security improvements to protect user data and enhance trust.

F

FELIX Austria GmbH

felix.at

40

FELIX Austria GmbH operates a well-established website focused on food products, particularly sauces such as ketchup, mayonnaise, and pestos. The company targets consumers primarily in Austria and German-speaking regions, offering product information, recipes, and partnerships. The website is built on TYPO3 CMS and integrates Google Tag Manager for analytics. While the site presents a professional design with good content quality and navigation, it lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security shortfall. Security headers are properly configured, but the absence of HTTPS significantly impacts the overall security posture. Privacy compliance is partially addressed with a comprehensive privacy policy, but no cookie consent mechanism is present. Contact information is available via a contact page, though no direct emails or phone numbers are explicitly listed. The domain registration data aligns well with the website content, indicating legitimacy. Strategic recommendations include obtaining a valid SSL certificate, implementing cookie consent, and publishing security policies to enhance trust and compliance.

L

Lee Enterprises

oanow.com

40

Opelika Auburn News (oanow.com) is a regional news media website operated by Lee Enterprises, providing comprehensive local news, sports, weather, opinion, and lifestyle content for Opelika, Auburn, Lee County, and East Alabama. The site targets local residents and community members, offering both free content and subscription-based digital and print editions. The business model relies heavily on advertising revenue supplemented by subscription services. The website is professionally designed with consistent branding and good content quality, supported by a modern CMS platform (BLOX) and a robust advertising ecosystem integrating multiple ad networks and tracking technologies. Privacy compliance is addressed through the use of Osano consent management, indicating GDPR adherence.

Henry Schein, Inc. is a well-established global distributor of medical and dental supplies, serving healthcare professionals with a broad portfolio of products and services. The company holds a strong market position as a Fortune 500 enterprise with a history dating back to 1932. Their website reflects a professional and consistent brand image targeting dental and medical professionals, offering solutions ranging from supplies to practice management software and educational resources. Technically, the site is built on a Microsoft IIS and ASP.NET stack, leveraging multiple third-party marketing and analytics tools, with moderate performance and good mobile optimization. However, the SSL certificate is invalid or missing, which significantly impacts the security posture. While security headers and content security policies are implemented, the lack of valid HTTPS and modern TLS protocols is a critical vulnerability. Privacy compliance is basic, with no visible cookie consent mechanism or GDPR indicators, and no public security or incident response policies. Overall, the website is functional and credible but requires urgent improvements in SSL configuration and privacy compliance to enhance trust and security.

A

American International School Vienna

ais.at

40

The American International School Vienna (AIS Vienna) is a well-established international educational institution located in Vienna, Austria. The website presents a comprehensive overview of the school's offerings, including early childhood through high school education, student life, admissions, and community engagement. The school holds multiple international accreditations, reinforcing its credibility and commitment to quality education. The website is professionally designed using the Squarespace platform, featuring clear navigation, active social media integration, and basic privacy compliance mechanisms such as a cookie consent banner. Technically, the site leverages modern web technologies including jQuery, Google Fonts, and Google Analytics for tracking. However, a critical security shortfall is the absence of a valid SSL certificate, resulting in no HTTPS encryption and disabled modern TLS protocols. This significantly impacts the site's security posture and user trust. Security headers are partially implemented but could be enhanced. Privacy compliance is basic, with a privacy policy present but lacking explicit GDPR compliance indicators. Overall, the site is functional and informative but requires urgent security improvements to protect user data and enhance trust. Strategic recommendations include installing a valid SSL certificate, enabling HSTS, and improving security policies and incident response readiness.

B

BWF Offermann, Waldenfels & Co. KG

bwf-group.com

33

BWF Offermann, Waldenfels & Co. KG operates the BWF Group, a mature and internationally recognized family-owned manufacturing business specializing in industrial filters, wool felts, technical needle felts, and plastic profiles. With 1,800 employees and 16 production sites worldwide, the company holds a strong market position as a technology leader in its sectors. The website reflects a professional and comprehensive presentation of their business, subsidiaries, and product offerings, targeting industrial clients globally. Technically, the site is built on TYPO3 CMS with modern JavaScript and PHP backend, but lacks critical HTTPS security, which significantly impacts its security posture. The presence of SPF and DMARC records indicates attention to email security, while social media and sustainability statements enhance trust and transparency. Overall, the site is content-rich and well-structured but requires urgent security improvements.

Jimmy Choo's official website serves as a high-end e-commerce platform offering luxury shoes, bags, accessories, and beauty products for men and women globally. The site demonstrates a strong brand presence with comprehensive content, clear navigation, and extensive marketing integrations. The technical infrastructure leverages Salesforce Commerce Cloud, Cloudflare CDN, and multiple marketing and analytics tools, indicating a mature digital ecosystem. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, exposing users to potential risks and undermining trust. Privacy and cookie policies are well implemented, reflecting compliance with GDPR and other regulations. Overall, the site is professional and trustworthy but requires urgent remediation of its SSL configuration to ensure secure user interactions.

M

Memorial Healthcare System

mhs.net

37

Memorial Healthcare System is a well-established nonprofit healthcare provider based in South Florida, offering a wide range of medical services including cancer care, heart and vascular treatment, maternity, mental health, and rehabilitation. The organization targets both patients and medical professionals, positioning itself as a leader in the regional healthcare market with multiple accreditations and a strong community presence. The website reflects a professional and comprehensive digital presence with clear navigation, rich content, and consistent branding. Technically, the site is hosted on Microsoft Azure using ASP.NET and integrates modern web technologies and analytics tools such as Google Tag Manager and Azure Application Insights. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate and HTTPS support, exposing users to potential risks. Privacy and cookie policies are present and GDPR compliant, with consent mechanisms implemented. Overall, the site demonstrates high business credibility but requires urgent security improvements to protect user data and maintain trust.

F

Firma

firma.es

28

Firma is a medium-sized innovation and branding agency based in Spain, serving visionary founders and business leaders with a comprehensive suite of branding services including insights, strategy, creative, and experience design. The company is positioned as a premium agency with notable clients such as Volkswagen and Typeform, and holds B Corp and Climate Neutral certifications, reinforcing its commitment to sustainability and social responsibility. Technically, the website is built on Webflow CMS, leveraging modern JavaScript libraries like GSAP and Lenis for smooth animations and user experience enhancements. Analytics are implemented via Google Tag Manager and Microsoft Clarity, indicating a moderate level of user tracking and data collection. However, the website currently lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security vulnerability that undermines user trust and data protection. DNS security features such as DNSSEC and CAA records are also absent, representing further areas for improvement. Privacy compliance is addressed with a cookie consent banner and a privacy policy page, supporting GDPR adherence. Overall, the website is professionally designed and content-rich but requires urgent security upgrades to meet modern standards.