Security Directory

T

TimeTac GmbH

timetac.com

31

TimeTac GmbH operates a comprehensive online time tracking software platform targeting businesses of all sizes, including SMEs and enterprises across multiple industries. The company offers modular SaaS solutions including employee time tracking, project time tracking, leave management, and integrations via API. Positioned as a market leader especially in German-speaking countries, TimeTac emphasizes GDPR compliance, data protection, and customer service excellence. The website reflects a mature digital presence with professional design, clear navigation, and multilingual support. Technically, the site uses WordPress CMS with Bootstrap and jQuery, and integrates multiple marketing and analytics tools such as Google Analytics, Hotjar, and Cookiebot for consent management. However, the website currently suffers from a critical security issue: the SSL certificate is invalid or missing, and no TLS protocols are enabled, exposing users to risks and undermining trust. Security headers are absent, and performance is slow due to high load times and large page size. Privacy compliance is strong with clear policies and consent mechanisms. Business credibility is high, supported by certifications, partner logos, and customer testimonials.

M

MCI Group

mci-group.com

40

MCI Group is a well-established global marketing communications collective with over 35 years of experience, operating across 62 offices worldwide. The company offers a broad range of services including engagement and events, strategic communications, social media content, creative technology, data research, and community management. Their target audience includes brands and organizations seeking to enhance influence and impact through strategic marketing and communications. Technically, the website is built on WordPress with modern plugins like Yoast SEO and video.js, hosted on Microsoft Azure. However, performance data is missing, and the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security flaw. Privacy and cookie policies are present and indicate GDPR compliance, but no direct contact emails or phone numbers are published, relying instead on a contact form. Security posture is weak due to missing HTTPS and security headers, though no known vulnerabilities or malware are detected. Overall, the site is professional and trustworthy but requires urgent security improvements to protect user data and enhance trust.

Axians ICT Austria GmbH is a medium-sized ICT company based in Austria, operating under the VINCI Energies group. The company offers a broad portfolio of IT infrastructure, cloud solutions, data analytics, security, and collaboration services. The website reflects a professional and well-structured digital presence with comprehensive content and strong branding consistency. Technically, the site is built on WordPress with modern libraries and SEO tools, but suffers from critical security issues due to the lack of a valid SSL certificate and HTTPS support. Privacy compliance is well addressed with clear cookie and privacy policies and user consent mechanisms. Overall, the company demonstrates a strong market position in the Austrian ICT sector but should urgently address its security posture to protect user data and maintain trust.

A

Austrian Power Grid

apg.at

40

Austrian Power Grid (APG) operates the national electricity transmission grid in Austria, ensuring secure and reliable power supply across the country. The company is positioned as a key infrastructure provider in the energy sector, focusing on grid operation, expansion, and innovation to support Austria's energy transition. The website reflects a mature digital presence with comprehensive content, clear navigation, and multilingual support, targeting market participants, stakeholders, and the general public. Technically, the site is built on TYPO3 CMS with Vue.js components and integrates Matomo for analytics, indicating a modern and privacy-conscious technology stack. However, the SSL/TLS configuration is critically deficient, with no valid certificate and no modern TLS protocols enabled, which severely impacts security posture and user trust. Security headers are well implemented, including CSP, HSTS (though limited), and X-Frame-Options, demonstrating awareness of web security best practices. Privacy compliance is strong, with clear cookie consent mechanisms and a comprehensive privacy policy aligned with GDPR requirements. Business credibility is supported by consistent branding, social media presence, and detailed organizational information. Overall, while the business and content aspects are robust and professional, the lack of proper SSL/TLS implementation is a critical vulnerability that must be addressed urgently to protect users and maintain trust.

Bio-Techne is a global enterprise specializing in the development, manufacturing, and supply of high-quality scientific reagents, analytical instruments, and precision diagnostics. The company serves researchers, scientists, and clinicians worldwide through a portfolio of well-known brands including R&D Systems, Novus Biologicals, and ProteinSimple. The website reflects a mature B2B business model with comprehensive product offerings and strong market positioning in the healthcare sector. Digital maturity is evidenced by the use of Drupal 10 CMS, multiple marketing and analytics tools, and a well-structured, content-rich website. However, the site suffers from a critical security shortfall due to the absence of a valid SSL certificate, which undermines user trust and data security. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. Overall, the website is professional and trustworthy but requires urgent security improvements to protect visitors and maintain credibility.

J

Jabil Inc.

jabil.com

40

Jabil Inc. is a global leader in manufacturing solutions, providing comprehensive engineering, manufacturing, and supply chain services to top brands across multiple industries including automotive, healthcare, energy, and technology. The company operates a vast network of over 100 sites worldwide, combining global reach with local expertise to deliver scalable and customized solutions. Their business model focuses on B2B partnerships with original equipment manufacturers and product companies, emphasizing sustainability and community impact. Technically, the website employs a modern tech stack including Google Tag Manager, Vidyard, Lottie animations, and marketing automation tools like Pardot. The site is hosted on Amazon CloudFront CDN and uses Magnolia CMS. The website design is professional, mobile-optimized, and SEO-friendly, with good accessibility features. However, performance metrics are unavailable. From a security perspective, the site implements several security headers and a comprehensive Content Security Policy. Despite this, the SSL certificate is invalid or missing, and no modern TLS protocols are enabled, representing critical vulnerabilities. No incident response or security policy pages were found, indicating potential gaps in security transparency. Overall, the website is content-rich and professionally maintained but requires urgent remediation of SSL and TLS configurations to ensure secure communications and maintain trust. Privacy compliance is well addressed with clear policies and consent mechanisms. The domain registration details align with the business claims, supporting legitimacy.

Schwarzach Packaging GmbH is a well-established Austrian manufacturer specializing in fine cardboard packaging solutions. The company serves a diverse range of industries including food, cosmetics, luxury goods, and non-food sectors, emphasizing sustainability and quality. Their website presents comprehensive product and corporate information, targeting industrial partners and international trade clients. Technically, the website uses modern frontend technologies and Google Tag Manager for analytics but lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security deficiency. The absence of cookie consent mechanisms despite tracking tools also indicates partial privacy compliance. Business credibility is strong with clear contact details and certifications such as the BGF-Gütesiegel. Overall, the site is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

555photography is a small professional photography business specializing in wedding, family, engagement, and event photography. The business leverages the SmugMug platform to showcase its portfolio and manage client galleries, positioning itself as a niche service provider in the media sector. The website content is relevant and well-structured, targeting individuals and families seeking professional photography services. The business model relies on online presence and client engagement through SmugMug's infrastructure. Technically, the website is hosted on SmugMug's infrastructure using nginx and Amazon CloudFront CDN, with modern JavaScript frameworks and responsive design ensuring good mobile optimization and user experience. However, performance metrics are limited, and some technical debt is evident in the use of older YUI libraries alongside modern modules. From a security perspective, the site lacks a valid SSL certificate and does not support modern TLS protocols, which is a critical vulnerability impacting user trust and data protection. While some security headers are present, the absence of HTTPS and other advanced security features significantly lowers the security posture. Privacy policies and terms of service are available on the SmugMug domain, indicating compliance with GDPR and cookie consent mechanisms, but no explicit security or incident response policies are found. Overall, the website presents a moderate risk profile primarily due to missing HTTPS and limited direct business contact information. Strategic improvements in SSL implementation, security policy publication, and direct contact channels would enhance trust and compliance.

S

Sandvik AB

sandvik.com

40

Sandvik AB is a global, high-tech engineering group headquartered in Sweden, specializing in products and solutions for mining, rock excavation, rock processing, and metal cutting. The company emphasizes innovation, digitalization, and sustainability to enhance productivity and profitability in manufacturing, mining, and infrastructure sectors. The website reflects a mature enterprise with comprehensive investor relations, sustainability governance, and career opportunities, targeting industry professionals, investors, and job seekers. Technically, the site uses modern analytics and consent management tools, hosted on Cloudflare, with good mobile optimization and accessibility. However, a critical security issue exists due to an invalid SSL certificate and disabled TLS protocols, significantly impacting the security posture. Privacy compliance is strong with clear cookie consent and data privacy policies. Overall, the site is professional and trustworthy but requires urgent remediation of SSL/TLS to ensure secure communications.

TNT.com represents the Finnish localized website of TNT Express, a global logistics and express delivery company now integrated with FedEx. The website offers comprehensive information about TNT's shipping services, tracking tools, and customer support, targeting both businesses and individual customers requiring international and domestic shipping solutions. The site is professionally designed with consistent branding and uses advanced marketing and analytics technologies such as Adobe Experience Manager, Optimizely, and Adobe DTM. However, a critical security weakness is the absence of a valid SSL certificate and HTTPS support, which significantly undermines the site's security posture. Privacy and terms of service pages are present and appear comprehensive, supporting GDPR compliance. Overall, the site demonstrates a mature digital presence but requires urgent remediation of its SSL/TLS configuration to ensure secure communications and maintain user trust.

S

SimCorp A/S

simcorp.com

40

SimCorp A/S is an established enterprise software provider specializing in integrated, multi-asset investment management solutions for leading asset managers globally. The company offers a comprehensive platform, SimCorp One, alongside specialized point solutions such as Axioma risk models. The website reflects a mature business with a strong market position, supported by numerous industry awards and client testimonials. Technically, the site is built on modern frameworks including Next.js and hosted on Vercel, with a headless Sitecore CMS backend, ensuring good digital maturity and user experience. However, the security posture is notably weak due to the absence of a valid SSL certificate and lack of TLS protocol support, which poses significant risks to data confidentiality and user trust. Privacy and legal compliance are well addressed with comprehensive policies and GDPR adherence. Overall, the site is professional and credible but requires urgent security improvements to align with best practices.

D

DenizBank A.Ş.

denizbank.com

40

DenizBank A.Ş. is a large Turkish financial institution offering a broad range of banking services including retail, corporate, and specialized banking sectors. The website reflects a mature digital presence with comprehensive service offerings, detailed legal disclosures, and strong branding consistency. The bank targets both individual and business customers with tailored products and digital banking solutions. The site includes rich content, interactive calculators, and marketing campaigns, indicating a well-developed digital marketing strategy. Technically, the website uses modern JavaScript frameworks and integrates third-party marketing and analytics tools such as Google Tag Manager and Adjust. However, performance metrics indicate slow loading times, and the SSL/TLS configuration is critically flawed with an invalid certificate and no TLS protocols enabled, posing significant security risks. Security posture is moderate with good use of security headers but undermined by the lack of valid SSL and TLS support. Privacy compliance is strong with detailed privacy policies and data protection disclosures, including a dedicated KVKK (Turkish data protection law) section. Contact information is clearly presented, enhancing business credibility. Overall, while the business and content aspects are strong, the critical SSL issues represent a major risk that must be addressed immediately to protect user data and maintain trust.

B

Blühendes Österreich – BILLA gemeinnützige Privatstiftung

bluehendesoesterreich.at

40

Blühendes Österreich is a well-established non-profit foundation founded in 2015 by BILLA AG and BirdLife Österreich, dedicated to promoting biodiversity and protecting endangered habitats in Austria. The website serves as a comprehensive platform for nature experiences, educational content, and community engagement, targeting Austrian municipalities, nature enthusiasts, and farmers. Technically, the site is built on Drupal 10, uses modern analytics and messaging tools, and is protected by Sucuri Cloudproxy WAF. However, a critical security gap exists due to the absence of a valid SSL certificate, exposing users to insecure connections. Privacy compliance is well addressed with cookie consent mechanisms and a comprehensive privacy policy. Business credibility is high, supported by strong partnerships and trust indicators. Strategic improvements in SSL deployment and security hardening are recommended to enhance user trust and security posture.

REWE International AG operates a comprehensive career website for its retail group in Austria, including brands such as BILLA, PENNY, BIPA, and ADEG. The company is a major employer offering diverse job opportunities across retail stores, logistics, and corporate offices. The website is professionally designed with clear navigation and rich content targeting job seekers interested in retail careers. Technically, the site uses modern frameworks like Nuxt.js and Vue.js, hosted likely on AWS infrastructure, and managed via the Storyblok CMS. However, the site suffers from a critical security weakness due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts its security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is trustworthy and credible but urgently needs to address its SSL/TLS configuration to protect users and improve security.

I

International Workplace Group plc

iwgplc.com

40

International Workplace Group plc (IWG) is a global leader in providing hybrid working solutions through an extensive network of office spaces, coworking locations, virtual offices, and meeting rooms. The company targets businesses and professionals seeking flexible workspace options worldwide, positioning itself as the premier provider in the real estate sector for hybrid work environments. Their business model revolves around workspace-as-a-service, offering scalable and customizable solutions to meet diverse client needs. Technically, the website leverages modern frameworks such as Next.js and Sitecore CMS, hosted on Azure, with integrations including OneTrust for privacy management and Google Tag Manager for analytics. The site demonstrates excellent mobile optimization, accessibility, and SEO practices, although performance metrics are moderate due to lack of explicit data. From a security perspective, the site exhibits several best practices including comprehensive security headers and secure cookie attributes. However, a critical issue is the absence of a valid SSL certificate and lack of HTTPS enforcement, which significantly impacts the security posture. Other vulnerabilities include disabled TLS protocols and missing HSTS enforcement. Privacy compliance is strong with clear policies and consent mechanisms in place. Overall, while the business and technical aspects of the website are robust and professional, the critical security gaps related to SSL/TLS must be addressed promptly to ensure user trust and data protection. Strategic recommendations include immediate SSL certificate installation, enabling modern TLS protocols, and enhancing security headers to elevate the security posture.

D

Diageo

diageo.com

40

Diageo is a global leader in premium spirits and beer, operating in nearly 180 countries with a portfolio of over 200 brands. The website reflects a mature digital presence with comprehensive content targeting investors, consumers, and job seekers. The technical infrastructure leverages modern JavaScript frameworks and is hosted behind Cloudflare, indicating a robust platform. However, a critical security issue is the absence of a valid SSL certificate and HTTPS support, which severely impacts the security posture. The site employs extensive analytics and marketing tools with consent mechanisms, but lacks explicit privacy and terms of service pages in the provided content. Overall, the business credibility and content quality are high, but security improvements are urgently needed.

S

Studiewereld Laudius

laudius.nl

40

Laudius is a well-established Dutch education provider specializing in affordable, recognized home study courses. With over 40 years of experience, it targets individuals seeking flexible learning options for career advancement and personal development. The website is built on TYPO3 CMS and hosted via Cloudflare, integrating Google Tag Manager for analytics and marketing. Despite good content quality and professional design, the absence of a valid SSL certificate significantly weakens the security posture. Privacy and cookie policies are comprehensive and GDPR compliant, with clear contact channels including phone and social media. Certifications and customer reviews enhance trustworthiness. Strategic improvements in SSL implementation and security best practices are recommended to elevate overall security and user trust.

E

Eppendorf SE

eppendorf.com

40

Eppendorf SE is a well-established, leading life sciences company specializing in the development and sale of laboratory instruments, consumables, and services globally. Their product portfolio spans liquid handling, bioprocessing, centrifugation, and more, targeting academic, commercial, pharmaceutical, and industrial laboratories. The website reflects a mature, professional digital presence with comprehensive content, clear navigation, and multi-regional support. Technically, the site employs modern JavaScript frameworks and integrates advanced marketing and analytics tools, although performance data is limited. Security posture is currently weak due to invalid or missing SSL/TLS certificates and lack of enabled TLS protocols, which is a critical risk. Privacy compliance is strong, with clear cookie and privacy policies and consent mechanisms in place. Overall, the site is trustworthy and credible but requires urgent remediation of its SSL/TLS configuration to ensure secure user interactions.

R

R-Biopharm AG

r-biopharm.com

35

R-Biopharm AG is a well-established German company specializing in clinical diagnostics, food and feed analysis, and nutrition care solutions. With over 35 years of experience and a presence in more than 120 countries, the company offers a broad portfolio of innovative products and services targeting healthcare professionals and the food industry. Their website reflects a professional and content-rich digital presence, supporting multiple languages and providing comprehensive information about their divisions and corporate responsibility initiatives. Technically, the site is built on WordPress with modern SEO and marketing tools, though performance could be improved. Security posture is currently weak due to the absence of a valid SSL certificate and HTTPS support, which is a critical risk that should be addressed immediately. Privacy compliance is strong, with clear policies and cookie consent mechanisms in place. Overall, the company demonstrates high business credibility and trustworthiness, but must prioritize securing their web infrastructure to protect users and maintain reputation.

L

lucesem® - Ihr Komplettanbieter für EDV!

lucesem.at

28

lucesem® is a well-established IT service provider based in Klagenfurt, Austria, offering a broad range of IT solutions including managed IT services, cloud services, VoIP telephony, repair services, and data recovery for both business and private customers. The company has a strong regional presence and serves local and international clients. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to its target audience. Technically, the site is built on WordPress with popular plugins and themes, leveraging modern web technologies and SEO best practices. However, the absence of a valid SSL certificate is a critical security shortfall, exposing users to potential risks and undermining trust. Privacy compliance is well addressed with clear cookie and privacy policies and consent mechanisms. Overall, the business demonstrates credibility and professionalism but must urgently address its SSL/TLS configuration to improve security posture and user trust.

S

SPACEKEYS GmbH

spacekeys.aero

62

SPACEKEYS GmbH is a specialized aviation technology company providing advanced GNSS RAIM prediction solutions worldwide. Their offerings include RAIM PRO and RAIM ANSP products, supporting multiple aviation standards and providing RESTful APIs for integration. The company is funded by the European Space Agency under the NAVISP programme, positioning it as a credible and innovative player in the aviation navigation sector. The website reflects a professional business with clear product descriptions and partner relationships, notably with Flightkeys and ESA. Technically, the site uses modern web technologies such as jQuery and slick carousel but lacks a valid SSL certificate, which is a critical security deficiency. Security headers are present, but the absence of HTTPS and modern TLS protocols significantly reduces the security posture. Privacy compliance is weak, with no privacy or cookie policies found. Contact information is clearly provided, including a physical address and company email. Overall, the site is functional and professional but requires urgent improvements in security and privacy compliance to meet industry standards.

S

Shan Foods | Taste of Authentic Food with a Bite of Happiness

shanfoods.com

29

Security assessment completed with an overall score of 0/100 (unknown risk). 3 critical issues require immediate attention. Total of 27 security findings identified across all modules.

G

GENSPEED Biotech GmbH

genspeed-biotech.com

22

GENSPEED Biotech GmbH is a small Austrian healthcare technology company specializing in rapid biomarker quantification and diagnostic testing solutions. Their product portfolio includes tests for Vitamin D, COVID-19 antibodies, tick-borne encephalitis, and periodontitis detection, targeting healthcare providers and test manufacturers. The company leverages a WordPress-based website with modern page builder tools and integrates cookie consent management and analytics tracking. However, the absence of a valid SSL certificate and HTTPS significantly undermines the site's security posture. While contact information and certifications are clearly presented, the lack of security headers and incident response policies indicates room for improvement. Overall, the website is functional and professional but requires urgent security enhancements to protect user data and build trust.

W

Wiener Arbeitnehmer*innen Förderungsfonds

waff.at

26

The Wiener Arbeitnehmer*innen Förderungsfonds (waff) is a government-affiliated organization dedicated to supporting the workforce in Vienna through information, consultation, and financial assistance for professional development and training. The website serves as a comprehensive portal offering access to job and course searches, funding programs, and online applications, targeting both individuals and companies in Vienna. The organization holds a significant regional position as a key instrument in active labor market policies and adult education. Technically, the site is built on WordPress with Elementor, uses Matomo for analytics, and Borlabs Cookie for privacy management, reflecting a mature digital infrastructure. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, exposing users to potential risks. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is professionally designed, content-rich, and trustworthy but requires urgent security improvements to protect user data and enhance trust.

The website integrationsfonds.at currently serves only a minimal HTML page returning an HTTP 404 Not Found error, indicating the requested resource is unavailable. There is no accessible content, metadata, or business information on the site. The domain is registered and uses DNS infrastructure consistent with Austrian hosting providers and Microsoft Azure services, including Outlook mail protection for email. However, the lack of HTTPS and a valid SSL certificate severely impacts the security posture and trustworthiness of the site. No privacy, cookie, or terms of service policies are present, and no contact or business details are available on the website. Overall, the site appears inactive or improperly configured, limiting its utility and credibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

T

TIGER Coatings GmbH & Co. KG

tiger-coatings.com

24

TIGER Coatings GmbH & Co. KG is a well-established Austrian manufacturer specializing in powder coatings and digital printing solutions for surface finishing. The company operates globally with affiliate offices and offers a broad range of products and digital tools, including a webshop and surface configuration tools. The website is professionally designed, content-rich, and targets industrial and manufacturing clients seeking high-quality coating solutions. Technically, the site is built on TYPO3 CMS with modern frontend technologies and uses Amazon CloudFront for content delivery. However, the absence of a valid SSL/TLS certificate is a critical security gap, exposing users to insecure connections. Privacy compliance is strong, with clear policies and consent mechanisms in place. Contact information and social media presence further enhance business credibility. Overall, the site demonstrates a mature digital presence but requires urgent security improvements to protect user data and trust.

W

Wienerberger

wienerberger.it

39

Wienerberger Italy operates a comprehensive website focused on manufacturing and distributing clay building materials, targeting construction professionals and architects. The site offers detailed product catalogs, technical resources, and support services, positioning Wienerberger as a key player in the Italian building materials market. The digital infrastructure is built on Adobe Experience Manager, leveraging modern web technologies and integrated marketing tools such as Google Tag Manager and Cookiebot for consent management. However, the absence of a valid SSL certificate and HTTPS support represents a critical security vulnerability that undermines user trust and data protection. While the site includes privacy and cookie policies compliant with GDPR, it lacks explicit security and incident response disclosures. The domain registration is consistent with the business claims, reinforcing legitimacy. Strategic improvements in SSL deployment and security posture are essential to elevate the site's trustworthiness and compliance.

V

Venionaire DealMatrix

dealmatrix.com

40

DealMatrix is a specialized platform focused on facilitating startup valuations and connecting startups with investors through a fact-based approach and advanced matching technology. The platform offers multiple valuation methods and deal monitoring services, targeting startups and investors primarily in the finance and technology sectors. The website is built on WordPress with Elementor and integrates privacy compliance tools such as Borlabs Cookie. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS, which undermines user trust and data security. The domain is mature and registered since 2011, consistent with the business's claimed history. Privacy policies and cookie consent mechanisms are well implemented, supporting GDPR compliance. Social media presence and testimonials add to the platform's credibility.

Bunge Global SA operates a comprehensive global agribusiness and food ingredient supply chain, connecting farmers to consumers with a focus on sustainability and renewable energy. The website reflects a large enterprise with a professional digital presence, including regional sites and investor relations. Technically, the site uses modern JavaScript libraries, Google Tag Manager for analytics, and OneTrust for cookie consent, but suffers from a critical lack of valid SSL/TLS certificates, impacting security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is content-rich and professionally designed but requires urgent security improvements to protect user data and trust.

B

Business Angel Institute

businessangelinstitute.org

39

Business Angel Institute is a Vienna-based organization specializing in education and certification for early-stage investors, notably offering the world's first ISO-certified Business Angel Program. The website is professionally designed, targeting individual and group angel investors primarily in Europe, with a strong emphasis on bridging research and practical investment experience. Technically, the site runs on WordPress with a modern theme and integrates various third-party services for course delivery and analytics. However, the security posture is weak due to the absence of a valid SSL certificate and lack of HTTPS, exposing visitors to potential risks. Privacy compliance is basic with policies present but limited GDPR indicators. Overall, the business is credible and well-positioned in its niche, but the website requires urgent security improvements to protect users and enhance trust.

IMC-Austria operates as a small non-profit meditation center focused on Vipassana meditation in the Theravada Buddhist tradition. The website provides informational content about meditation courses, the tradition of Sayagyi U Ba Khin, and links to related international centers. The target audience includes individuals interested in meditation and spiritual growth. Technically, the website is basic and static, using JavaScript, CSS, and Google services such as Analytics and Custom Search. However, the site suffers from slow load times and lacks modern web technologies or CMS platforms. Security posture is weak due to the absence of HTTPS, no valid SSL certificate, and missing security headers, exposing visitors to potential risks. Privacy compliance is poor, with no privacy or cookie policies and no consent mechanisms for tracking. Business credibility is moderate based on consistent WHOIS data and clear organizational identity but is weakened by lack of contact information and security best practices. Overall, the website requires significant improvements in security, privacy compliance, and technical modernization to enhance trust and user experience.

V

Venionaire Capital AG

worldventureforum.info

43

World Venture Forum 2025 is a well-established international event focused on fostering global relations in the venture capital, crypto, family office, corporate innovation, and impact investing sectors. The event is held in Kitzbühel, Austria, and features a comprehensive program with multiple unique mountain chalet venues, keynote speakers, workshops, and networking opportunities. The business model revolves around event organization, ticket sales, and sponsorship packages, targeting investors, entrepreneurs, and industry leaders. The website is professionally designed with rich content, clear navigation, and strong branding consistency. Technically, the website is built on WordPress using Elementor and several event-related plugins. It integrates Google Analytics for tracking and uses Borlabs Cookie for cookie consent management. However, the site lacks HTTPS, which is a critical security flaw, and does not implement important security headers or modern TLS protocols. Performance is moderate to slow, and while mobile optimization and accessibility are good, the absence of SSL significantly impacts the security posture. Security-wise, the site has no SSL/TLS encryption, no HSTS, no OCSP stapling, and no secure cipher suites, exposing users to potential risks. There is no visible security policy or incident response information. Privacy compliance is good with a comprehensive privacy policy and cookie consent mechanism. Business credibility is supported by detailed company information, multiple contact methods, and trust indicators such as testimonials and partner listings. Overall, the site presents a strong business and content profile but requires urgent security improvements to protect users and enhance trust. Strategic recommendations include immediate SSL implementation, adding security headers, and enhancing incident response transparency.

E

European Super Angels Club

superangels.club

43

European Super Angels Club is a pan-European investment club targeting business angels, high-net-worth individuals, family offices, and corporate venture capital units. It facilitates investments in technology startups, particularly in smart mobility, by providing access to curated deals, due diligence support, and a strong network of partners and co-investors. The website presents a professional image with detailed information about membership benefits, partners, and events, positioning itself as a key player in the European startup investment ecosystem. Technically, the website is built on WordPress using the Enfold theme and integrates various plugins for SEO, analytics, and content presentation. However, the site suffers from slow load times and lacks a valid SSL certificate, which is a critical security flaw. The absence of modern TLS protocols and security headers further weakens its security posture. The site is mobile-optimized and SEO-friendly but lacks cookie consent mechanisms despite using tracking tools. From a security perspective, the lack of HTTPS and security headers exposes users to risks and undermines trust. The WHOIS data shows a mature domain with privacy protection justified by the business nature. No WAF or blocking mechanisms are detected, allowing full content access. Overall, the site demonstrates moderate business credibility but requires urgent security improvements to protect users and enhance trust. Strategically, the club should prioritize SSL implementation, enhance security headers, and introduce privacy compliance features such as cookie consent to align with GDPR. Improving site performance and accessibility will also benefit user experience and SEO rankings.

Silberball Brand Management GmbH is a specialized consulting and creative agency focused on brand management, strategy, and digital innovation primarily serving companies in the DACH region. Established in 2003, the company offers a comprehensive suite of services including strategic brand development, branding, cultural consulting, business model strategy, digital transformation, and brand experience. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to its target audience of businesses seeking to enhance their brand value. Technically, the site is built on WordPress with common plugins and frameworks such as Bootstrap and jQuery, integrating marketing and tracking tools like HubSpot and AutopilotHQ. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the site's security posture. While privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism, the lack of security headers and modern TLS protocols presents vulnerabilities. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

EssenceMediacom is a global media agency specializing in creating breakthroughs for brands across diverse industries. With over 10,000 employees operating in 96 markets, the company offers integrated media solutions, analytics, creative futures, and specialist B2B marketing services. The website reflects a strong market position supported by a comprehensive service portfolio and global reach. Technically, the site is built on modern frameworks such as Next.js and React, hosted via Cloudflare, and uses DatoCMS for content management. While the site demonstrates good mobile optimization, accessibility, and SEO practices, performance metrics indicate slower load times that could be improved. Security posture is moderate; although security headers and content security policies are well implemented, the lack of a valid SSL certificate and disabled TLS protocols represent significant vulnerabilities. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place. Overall, the site is professional and trustworthy but requires urgent SSL and TLS improvements to enhance security and user trust.

L

Langmatz GmbH

langmatz.de

24

Langmatz GmbH is a medium-sized German company specializing in the development and manufacturing of infrastructure products for telecommunications, energy, and transportation sectors. Their product portfolio includes cable ducts, network distributors, outdoor enclosures, and related infrastructure components. The company positions itself as a leading European provider with a strong focus on quality and customer-centric solutions. Technically, the website is built on the Pimcore CMS platform, uses modern JavaScript libraries such as Swiper.js, and integrates Google reCAPTCHA for form security. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the security posture of the site. Privacy and terms of service policies are present and comprehensive, supporting GDPR compliance. Contact information is clearly provided, including emails, phone numbers, and physical address, alongside active social media channels. Overall, while the business and content quality are excellent, the lack of proper SSL/TLS configuration is a critical security gap that needs immediate remediation.

T

Trusted Shops SE

trustedshops.at

40

Trusted Shops SE operates a leading European platform providing trust and buyer protection services for online shopping. The website targets consumers primarily in German-speaking European countries, offering services such as a trustmark certification, buyer protection insurance, and verified customer reviews. The business model focuses on B2B and B2C services, supporting over 30,000 certified shops and millions of users. The company is well-established with consistent branding and strong trust indicators. Technically, the website is built on WordPress with modern marketing and consent management tools, but suffers from slow performance and lacks a valid SSL certificate, which critically impacts security. Privacy policies and GDPR compliance are well implemented. Overall, the site is professional and trustworthy but requires urgent security improvements to protect user data and maintain trust.

XIMES GmbH is a specialized consulting and software company focused on workforce management, including labor time models, shift planning, personnel demand calculation, and payroll solutions. The company targets businesses and social partners seeking practical and scientifically grounded solutions in these areas. Their website reflects a professional and consistent brand presence with detailed service offerings and clear contact information. Technically, the site is built on the Odoo CMS platform with modern web technologies but suffers from critical security shortcomings, notably the absence of a valid SSL certificate and HTTPS support. This significantly impacts the security posture and user trust. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. Overall, the business appears legitimate and consistent with WHOIS data, but urgent improvements in SSL/TLS configuration are necessary to enhance security and trust.

C

Cyberhouse GmbH

cyberhouse.at

38

Cyberhouse GmbH is a well-established digital agency based in Austria, specializing in web design, development, consulting, and SEO services primarily using TYPO3 and Storyblok CMS platforms. The company holds reputable certifications such as TYPO3 Gold Member and is a certified Storyblok partner, positioning itself strongly in the regional technology market. Their business model focuses on delivering full-service digital experiences to businesses seeking professional online presence solutions. Technically, the website employs modern JavaScript modules, lazy loading, and integrates bot protection for forms, indicating a mature digital infrastructure. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts the security posture. The site includes standard privacy and terms of service pages, but lacks a cookie consent mechanism. Overall, the website is professionally designed with clear navigation and strong branding, but requires urgent security improvements to protect user data and enhance trust.

S

Südtiroler Sanitätsbetrieb

sabes.it

40

Südtiroler Sanitätsbetrieb operates as a regional healthcare provider in South Tyrol, Italy, serving the local population with healthcare services. The website is primarily a digital presence for the organization but currently offers minimal direct content or user interaction features. The technical infrastructure is hosted on Microsoft Azure and uses JavaScript-based analytics and cookie consent tools. However, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security deficiency. Security headers are implemented, but the absence of TLS protocols and HSTS reduces the overall security posture. Privacy compliance is limited, with no visible privacy or terms of service policies, though a cookie consent mechanism is present. WHOIS data confirms the domain is mature and legitimately registered, consistent with the organization's profile. Overall, the website requires significant improvements in security, privacy transparency, and content richness to better serve its audience and meet modern standards.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 9 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

fiskaly GmbH is a technology company specializing in cloud-based fiscalization solutions tailored for European markets including Germany, Austria, Spain, Italy, and France. Their services focus on enabling retailers and POS providers to comply with complex fiscal regulations through APIs and cloud services. fiskaly holds a strong market position as a leading provider of cloud TSS solutions in Germany and is expanding its footprint across Europe. The website demonstrates a professional, well-branded presence with comprehensive content, customer testimonials, and partner endorsements. Technically, the website is built on a modern Next.js framework hosted on Netlify, leveraging React and various marketing and analytics tools such as Google Tag Manager and Visual Website Optimizer. The site is mobile-optimized and accessible, with good SEO practices. However, a critical security issue is present due to an invalid or missing SSL certificate and disabled TLS protocols, which significantly impacts the security posture. Security-wise, fiskaly implements several best practices including HSTS and security headers, and holds ISO 27001 certification, indicating a mature security framework. Despite this, the lack of a valid SSL certificate and TLS support is a major vulnerability that must be addressed urgently to protect user data and maintain trust. Overall, fiskaly presents a credible and professional business with strong compliance and technical capabilities but must remediate critical SSL/TLS issues to ensure secure and trustworthy operations online.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

S

Schiebel

schiebel.net

27

Schiebel is a mature, internationally recognized company specializing in the development and production of unmanned air systems and mine detection equipment, founded in 1951 and headquartered in Austria. Their product portfolio includes the CAMCOPTER® S-100 UAS and advanced mine detection systems, supported by a composite technology division. The company maintains multiple global offices and emphasizes quality certifications such as ISO 9001 and AS/EN 9100. Technically, the website is built on WordPress with common plugins and scripts, offering good content quality and SEO optimization. However, the absence of HTTPS and SSL/TLS encryption is a critical security vulnerability, severely impacting the site's security posture. While security headers are implemented, the lack of encryption exposes users and data to risks. Privacy compliance is well addressed with cookie consent and GDPR-aligned policies. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the business. Strategic improvements in security infrastructure are urgently recommended to protect the company's digital presence and customer trust.

A

alk.net

alk.net

40

Security assessment incomplete. Successfully analyzed: gdpr, nis2, emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders. 19 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 7 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

F

free-com solutions GmbH

free-com.at

36

free-com solutions GmbH is an established Austrian technology company specializing in intuitive digitalization and automation solutions for document-driven business processes. With over 20 years of experience, they offer a range of products including invoice processing, expense management, and integration with SAP and Microsoft 365 platforms. Their solutions target both small and medium-sized enterprises as well as large corporations, emphasizing user-friendly interfaces and mobile accessibility. Technically, the website is built on WordPress with the Avada theme, leveraging modern tools like WP Rocket for performance and Borlabs Cookie for privacy compliance. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS, which significantly impacts the site's security posture. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms in place. The company maintains a strong online presence with multiple social media channels and detailed business information, enhancing trust and credibility. Overall, while the business and content quality are excellent, addressing the SSL/TLS deficiency is paramount to improve security and user trust.

P

Plato's Closet

platosclosetdurham.com

40

Plato's Closet operates a large franchise retail business specializing in buying and selling gently used name brand clothes, shoes, and accessories targeting teens and young adults. The company is positioned as the largest chain in its niche with over 500 locations across North America, emphasizing sustainability and affordability. The website is built on the BigCommerce platform, leveraging modern e-commerce technologies and marketing tools such as Google Analytics 4 and TikTok Pixel. While the site demonstrates good content quality, accessibility, and privacy compliance, it lacks a valid SSL certificate, severely impacting its security posture. Security headers are partially implemented, but the absence of HTTPS is a critical vulnerability. The domain is mature and registered consistently with the business claims, supporting legitimacy. Strategic improvements in SSL deployment and enhanced security practices are recommended to strengthen trust and compliance.