Security Directory

E

Evora Global Limited

evoraglobal.com

40

Evora Global Limited is a UK-based company specializing in sustainability consulting, managed services, and software solutions for real asset investors, owners, and operators. The company holds a strong market position, partnering with many of the world's leading investors and managing a substantial portfolio of assets. Their website is professionally designed, content-rich, and well-branded, targeting stakeholders interested in ESG and climate resilience. Technically, the site is built on WordPress with Gravity Forms and uses Cloudflare for hosting and CDN services. However, a critical security gap exists due to the absence of a valid SSL certificate, resulting in no HTTPS support. Security headers are partially implemented, but improvements are needed, including enabling HSTS and OCSP stapling. Privacy compliance is moderate, with a comprehensive privacy policy but no visible cookie consent mechanism. Contact information is primarily via web forms, with no direct emails or phone numbers publicly listed. Overall, the website demonstrates a mature digital presence but requires urgent security enhancements to protect user data and improve trust.

S

Steuerexperten Wien | Österreich

steuerexperten.at

40

Steuerexperten.at is a well-established Austrian tax consultancy and business advisory firm based in Vienna, offering a broad range of services including tax consulting, accounting, business immigration, and corporate services. The company targets both Austrian and international clients, leveraging a digital platform (steuerexperten.PRO) to enhance client engagement and document management. The website is professionally designed, multilingual, and rich in relevant content, reflecting a mature digital presence. Technically, the site is built on WordPress with modern plugins and frameworks, but suffers from a critical lack of valid SSL/TLS certification, exposing users to security risks. Privacy compliance is strong, with GDPR-aligned policies and cookie consent mechanisms in place. Contact information and trust signals such as certifications and testimonials are clearly presented, supporting business credibility. Overall, the site is functional and professional but requires urgent security improvements to protect client data and enhance trust.

T

The Los Angeles Film School

filmproductionservices.info

37

The Los Angeles Film School website presents a comprehensive and professional educational institution focused on film, media, animation, and music production programs. It targets prospective students and professionals seeking accredited degree programs both on-campus and online. The site highlights alumni success, industry recognition, and offers extensive resources such as tours, webinars, and detailed program information. Technically, the website is built on WordPress using the Avia framework and incorporates multiple JavaScript libraries for enhanced user experience. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security gap, exposing users to potential risks. Privacy and cookie policies are well implemented with consent mechanisms, reflecting good compliance practices. Overall, the site is trustworthy and professionally maintained but requires urgent security improvements to protect user data and enhance trust.

X

x.test GmbH

xtest.at

22

x.test GmbH is a specialized company in electronic measurement technology based in Austria, founded in 2010. The company offers a range of products and consulting services focused on electronic measurement, emphasizing quality and customer trust. The website is built on WordPress with modern plugins and frameworks, providing a professional and user-friendly experience. However, the absence of an SSL certificate and HTTPS significantly impacts the security posture, exposing users to potential risks. The site implements GDPR-compliant cookie consent mechanisms and provides clear privacy and terms of service pages, reflecting good privacy compliance. Overall, the business appears legitimate and well-positioned in its niche, but security improvements are critical.

T

Thomas Ebenstein

ebenstein.info

27

The website represents Thomas Ebenstein, a professional tenor associated with the Wiener Staatsoper, serving as an artist portfolio and promotional platform. The site targets opera enthusiasts and event organizers, providing information about the artist and his season engagements. Technically, the site is built on WordPress using popular page builders like Elementor and WPBakery, hosted on viennacix.com infrastructure. While the design and content quality are good with proper SEO and mobile optimization, the site lacks a valid SSL certificate, which significantly impacts its security posture. Analytics tools such as Google Analytics and Jetpack Stats are used, with a cookie consent mechanism in place, indicating some level of privacy compliance. However, the absence of explicit contact information, security policies, and incident response details limits the site's trustworthiness and business credibility. Overall, the site is functional and professional but requires critical security improvements to enhance user trust and compliance.

S

Sepura Limited

sepura.com

40

Sepura Limited is a UK-based company specializing in the design, development, and supply of TETRA and LTE digital radio products and applications for business and mission-critical communications. The company holds a strong market position as a leading provider of TETRA radios with a legacy spanning over 125 years. Their solutions target public safety, energy, transportation, and commercial sectors globally, supported by a large partner network and extensive R&D efforts. Technically, the website is built on WordPress with modern plugins and marketing tools, demonstrating good digital maturity and SEO practices. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, exposing users to potential risks. Privacy and cookie policies are comprehensive and GDPR compliant, with clear contact information and trust indicators such as certifications and customer testimonials. Overall, the website is professional and trustworthy but requires urgent security improvements to protect user data and enhance trust.

I

IT Services and Solutions, S. A. de C. V.

it-solutions.com.mx

36

IT Services and Solutions, S. A. de C. V., operating under the brand IT Solutions, is a Mexican technology company specializing in designing and implementing IT solutions to enhance business operations. Their offerings include infrastructure modernization, cybersecurity, digital transformation, cloud services, and support. The company targets businesses seeking comprehensive IT solutions and positions itself as a trusted partner with strong vendor alliances and professional services expertise. Technically, the website is built on WordPress with common plugins and sliders, but lacks a valid SSL certificate, resulting in no HTTPS support which is a critical security gap. The site includes contact forms with reCAPTCHA and social media links but lacks cookie consent mechanisms and detailed privacy compliance features. Security headers are minimal, and no incident response or security policies are publicly disclosed. Overall, the website presents a professional business image but requires urgent improvements in security posture and privacy compliance to meet modern standards.

K

Klippa App B.V.

klippa.com

59

Klippa App B.V. is a Dutch technology company specializing in AI-driven document automation solutions that help businesses reduce operational costs, save time, and prevent fraud. Their market position is strong, serving over 1000 brands with products like DocHorizon and SpendControl, targeting finance professionals and enterprises across various sectors including banking, logistics, and public services. The company leverages modern web technologies and cloud infrastructure (Microsoft Azure) to deliver scalable and efficient services. Security practices are generally good with HTTPS and Cloudflare protection, but improvements in SSL/TLS configuration are recommended. The website demonstrates strong compliance with data protection regulations and holds relevant certifications such as ISO 27001 and ISO 9001. Overall, Klippa presents a professional, trustworthy, and technically mature digital presence.

B

Biofaction KG

biofaction.com

33

Biofaction KG is a small interdisciplinary research and science communication company based in Austria, specializing in emerging sciences, technologies, and art-science collaborations. The company offers a range of services including research projects, integrated communication, public engagement events, training, and media production. Their market position is niche, focusing on bridging science and society through innovative communication and artistic approaches. The website is built on WordPress using the Divi theme and incorporates modern web technologies such as PHP 8 and jQuery, with integrations for Mailchimp and Contact Form 7 for marketing and contact purposes. However, the site lacks HTTPS, which is a critical security vulnerability that undermines user trust and data protection. Privacy and cookie policies are present and appear GDPR compliant, with clear contact information and social media presence enhancing business credibility. Performance data is missing, suggesting potential issues with site speed or monitoring. Overall, the site is professionally designed and content-rich but requires urgent security improvements to meet modern standards.

พ

พื้นที่รวม หนังโป๊ญี่ปุ่น และ หนังเอวี ที่มี Avsubthai มากที่สุดในโลก

fuckthatworld.com

33

The website 'fuckthatworld.com' operates as a niche adult content platform specializing in Japanese uncensored pornographic videos with Thai subtitles. It positions itself as a comprehensive aggregator offering daily updated content for adult viewers interested in this genre. The business model appears to be free streaming with no visible monetization or subscription mechanisms. Technically, the site is built on WordPress 6.8.1 with PHP 7.2.34, uses the Yoast SEO plugin, and is served via Cloudflare CDN. However, the site lacks a valid SSL certificate, resulting in no HTTPS support and poor security posture. The site is mobile optimized and has basic SEO metadata but lacks privacy, cookie, and terms of service policies, as well as any contact or business legitimacy information. Tracking is done via Histats analytics. Overall, the site has basic content quality and technical implementation but poor security and privacy compliance, resulting in a low overall trust and security score.

A

Alkwin Kollege

alkwin.nl

32

Alkwin Kollege is a medium-sized secondary education institution located in Uithoorn, Netherlands, providing havo, atheneum, and gymnasium level education. The school emphasizes a safe and engaging learning environment and targets students and parents in the local region. The website is built on WordPress, uses Cloudflare for CDN and caching, and integrates Google Tag Manager for analytics. While the site has good content quality, SEO optimization, and mobile responsiveness, it lacks a valid SSL certificate and proper HTTPS configuration, which significantly impacts its security posture. No explicit privacy or cookie policies are found, indicating gaps in privacy compliance. Contact information and social media presence are clearly provided, enhancing business credibility. Overall, the site is functional and professional but requires urgent security improvements to protect user data and comply with modern web standards.

M

MarineXchange Software GmbH

marinexchange.com

25

MarineXchange Software GmbH operates a comprehensive enterprise software platform, MXP365, tailored for the cruise industry. The company provides a wide range of modules and digital solutions designed to enhance operational efficiency and guest experience onboard cruise ships. Positioned as a leading technology provider in this niche, MarineXchange leverages partnerships and acquisitions, such as Bytepoets, to expand its capabilities and market reach. The website reflects a mature digital presence with professional design and rich content targeting cruise lines and hospitality stakeholders. Technically, the website is built on WordPress using Elementor and Yoast SEO, indicating a modern CMS infrastructure with SEO and user experience considerations. However, performance metrics are lacking, and the site shows slow loading characteristics. Mobile optimization is good, but accessibility features are basic. The site integrates analytics and cookie consent tools, demonstrating awareness of privacy compliance. Security posture is a significant concern due to the absence of HTTPS and SSL certificates, lack of HSTS, and missing DNSSEC and CAA records. While no active vulnerabilities or malware are detected, the lack of encryption exposes users to risks and undermines trust. Privacy policies and cookie consent mechanisms are well implemented, supporting GDPR compliance. Overall, MarineXchange presents a credible and professional business with strong market positioning but must urgently address critical security gaps to protect its users and maintain trust. Strategic improvements in security infrastructure and performance optimization are recommended to align with industry best practices.

M

mlu-recordum Environmental Monitoring Solutions GmbH

recordum.com

24

JCT NextGen AQMS is a specialized provider of air quality monitoring solutions, leveraging the acquisition of mlu-recordum to offer innovative and cost-effective environmental monitoring products. The company operates under the JCT Group umbrella, which includes subsidiaries focused on gas sampling, liquid sampling, and process analytics. The website presents a professional and consistent brand image targeting industrial and environmental sectors, primarily in Austria. Technically, the site is built on WordPress with Elementor and uses Borlabs Cookie for GDPR-compliant cookie management. However, the absence of a valid SSL certificate and HTTPS implementation is a significant security shortfall. While privacy policies and contact information are well presented, the lack of explicit security policies, incident response, and vulnerability disclosure pages indicates room for improvement in security transparency. Overall, the site is functional and informative but requires urgent security enhancements to protect users and improve trust.

S

Simone Buratto

simoneburatto.it

37

Simone Buratto is a small Italian company specializing in outdoor solar shading solutions and related products such as pergolas, outdoor furniture, and complements. The business operates primarily in Piemonte, Italy, targeting private customers, commercial hospitality businesses, architects, and construction firms. The website is built on WordPress with Elementor and Yoast SEO, showing a moderate level of digital maturity. However, the site lacks a valid SSL certificate and HTTPS support, which is a critical security vulnerability. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism via iubenda. Contact information is clearly provided, enhancing business credibility. Overall, the website is professional and content-rich but requires urgent security improvements to protect user data and build trust.

Q

QimiQ Handels GmbH

qimiq.com

39

QimiQ Handels GmbH operates a well-established retail website focused on food products and cooking ingredients, targeting both consumers and professional chefs. The company offers a range of products such as QimiQ Classic, Sahne-Basis, Whip, Vegan, and Tiramisu, complemented by recipe content, professional workshops, and a newsletter. The website is multilingual and professionally designed, reflecting a consistent brand presence and active engagement through social media and marketing tools. Technically, the site is built on WordPress with modern plugins and frameworks, leveraging Cloudflare for CDN and caching. However, a critical security gap exists due to the absence of HTTPS/SSL, exposing users to potential risks. Privacy compliance is strong, with comprehensive policies and consent mechanisms in place. Overall, the site demonstrates good business credibility and user experience but requires urgent security improvements.

ARIAN is a medium-sized company specializing in premium full-service point-of-sale (POS) management and visual marketing solutions for retail and brands. The company offers comprehensive services including concept development, implementation, and innovation in marketing communication, targeting retailers and brand owners globally. The website is professionally designed using WordPress with strong SEO practices and structured data, supported by Cloudflare CDN for performance and security. However, the site lacks a valid SSL certificate, which is a critical security vulnerability, and does not provide visible contact information or cookie consent mechanisms on the homepage. These issues reduce the overall security posture and privacy compliance of the website. The domain registration data is consistent with the business claims, indicating legitimacy and trustworthiness.

I

Institut Teknologi Sepuluh Nopember

its.ac.id

40

Institut Teknologi Sepuluh Nopember (ITS) is a prominent Indonesian university specializing in science, technology, and arts education. The website serves a broad audience including prospective and current students, faculty, staff, parents, and alumni. It offers comprehensive information on academic programs, research, innovation, and public services. The institution holds a strong market position with recognized rankings in Asia Pacific and globally. Technically, the website is built on WordPress with a modern tech stack including Visual Composer, Yoast SEO, and various JavaScript libraries, providing a rich user experience with good mobile optimization and accessibility. However, the website lacks a valid SSL certificate and proper HTTPS configuration, which significantly impacts its security posture. Security headers are present but insufficient without proper SSL. Privacy and cookie policies are not found, indicating compliance gaps. DNS records are missing or incomplete, raising concerns about domain configuration. Overall, the site is professional and trustworthy in content but requires urgent improvements in security and privacy compliance.

A

Alexander Hughes

alexanderhughes.com

30

Alexander Hughes is a well-established global executive search and leadership advisory firm with over 60 years of experience and a presence in more than 50 offices across 51 countries. The company specializes in attracting top leadership talent and providing governance, human capital assessment, succession planning, and interim executive services to global firms. Their website reflects a professional and comprehensive business model targeting corporate clients worldwide. Technically, the website is built on WordPress and leverages modern JavaScript libraries such as jQuery and Lightslider, with analytics powered by Matomo. Hosting is provided by Cloudways, and the site employs a strong Content Security Policy and other security headers. However, the SSL certificate is invalid or missing, and no modern TLS protocols are enabled, which significantly impacts the security posture. Security-wise, while some best practices like CSP and HSTS are implemented, the lack of valid HTTPS and TLS support is a critical vulnerability. No explicit security or incident response policies are found, and no contact emails or phone numbers are directly listed on the site, which may affect user trust. Privacy and cookie policies are present and appear GDPR compliant. Overall, the site is professionally designed with excellent content quality and user experience but requires urgent remediation of SSL/TLS issues to improve security and trustworthiness.

M

Mixed Reality I/O

mixed-reality.io

40

Mixed Reality I/O operates a professional and content-rich website focused on augmented reality, virtual reality, 3D modeling, and AI consulting and development services. The company targets businesses seeking spatial computing strategies and innovative digital experiences. Their market position is supported by a history dating back to 2008, international experience, and notable client partnerships. Technically, the website is built on WordPress with a modern plugin ecosystem, supporting multilingual content and interactive 3D models. However, the absence of HTTPS and proper SSL configuration represents a critical security vulnerability, exposing users to risks and undermining trust. Privacy compliance is addressed with cookie consent and a comprehensive privacy policy, but incident response and security policies are not evident. Overall, the website demonstrates strong business credibility and user experience but requires urgent security improvements to meet industry standards.

O

Otago Online Consulting GmbH

contentcook.at

26

Otago Online Consulting GmbH is a well-established Austrian online marketing agency specializing in SEO, SEA, social media marketing, display and video advertising, and data analytics. The company has a strong market position with a clear growth strategy including acquisitions such as Content Cook. Technically, the website is built on WordPress with modern marketing and analytics tools integrated, but lacks a valid SSL certificate, which is a critical security gap. The security posture is basic with no advanced headers or incident response information published. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the website is professional and trustworthy but urgently needs to implement HTTPS to improve security and trust.

A

Agenda Austria

agenda-austria.at

35

Agenda Austria is an established independent think tank based in Austria, focusing on economic and socio-political research and analysis. The organization provides a variety of content including publications, graphics, podcasts, and events aimed at policymakers, academics, and the interested public. Their market position as the first independent think tank in Austria specializing in these areas is supported by a consistent and professional online presence. Technically, the website is built on WordPress with a modern tech stack including caching, SEO optimization, and consent management tools. The site is well-structured, mobile-optimized, and offers good user experience with clear navigation and rich content. However, the SSL/TLS configuration is currently inadequate, lacking a valid certificate and modern protocol support, which poses a security risk. Security-wise, the site implements several important HTTP security headers and uses reCAPTCHA for form protection, but the absence of valid HTTPS and modern TLS protocols significantly lowers its security posture. Privacy compliance is strong, with clear privacy and cookie policies and GDPR-compliant consent mechanisms. Overall, the website is trustworthy and professional but requires urgent improvements in SSL/TLS security to protect user data and enhance trust. Strategic recommendations include obtaining a valid SSL certificate, enabling modern TLS protocols, and enhancing domain security with DNSSEC and CAA records.

H

HAAI GmbH

haai.at

40

HAAI GmbH is a medium-sized Austrian company specializing in providing innovative hardware, software, and IT services primarily targeting enterprises and small to medium businesses. The company positions itself as a trusted partner with exclusive partnerships with major technology brands such as A1, Apple, Microsoft, and Samsung, offering comprehensive device management and telecommunications solutions. Their business model focuses on B2B services including Device as a Service (DaaS), logistics, and IT security solutions. Technically, the website is built on WordPress with modern plugins and uses Cloudflare for CDN and security. However, a critical security gap exists due to the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the security posture. The site implements GDPR-compliant cookie consent via Usercentrics and uses Google Tag Manager for analytics, reflecting a moderate level of privacy compliance. Overall, the website is professionally designed with good content quality and clear navigation, but the lack of HTTPS is a major risk that should be addressed promptly.

B

B+S Banksysteme AG

bs-ag.com

40

B+S Banksysteme AG is a German-based software manufacturer specializing in banking and financial services software solutions. With over 40 years of experience, the company serves a broad range of clients including traditional banks, fintechs, and neobanks primarily in the D-A-CH region. Their offerings include core banking applications, online and mobile banking, banking APIs, and modular banking services underpinned by a ZAG license. The company maintains a medium-sized presence with subsidiaries such as B+S Banksysteme Salzburg GmbH and emphasizes customer-centric service models like Banking as a Service. Technically, the website is built on WordPress with popular plugins such as WPBakery Page Builder and Slider Revolution. While the site is well-structured, SEO optimized, and mobile responsive, it suffers from a critical security shortfall due to the absence of a valid SSL certificate and HTTPS support. The security headers are well configured, but the lack of TLS protocols and the presence of unsafe inline scripts reduce the overall security posture. From a security perspective, the site demonstrates good header policies and content security policies but critically lacks HTTPS, which exposes users to potential risks. No explicit security or incident response policies are published, and no vulnerability disclosure or security.txt files are present. Contact information is clearly provided, including multiple phone numbers, email addresses, and physical locations, supporting business credibility. Overall, the website presents a professional and trustworthy business front with strong market positioning in banking software. However, the lack of HTTPS significantly undermines security and trustworthiness, necessitating urgent remediation to protect user data and comply with modern security standards.

Canon Production Printing operates as a global leader in the production printing industry, specializing in continuous-feed, cut-sheet, and large-format printers for high-volume and specialized printing applications. The company targets business and professional customers in printing, publishing, and display graphics sectors, leveraging a B2B manufacturing and technology solutions business model. The website reflects a strong market position with comprehensive product and corporate information, supported by active social media channels and a clear corporate identity. Technically, the website is built on WordPress with a modern theme and SEO tools, indicating a mature digital infrastructure. However, performance metrics are lacking, and the site shows moderate mobile optimization and basic accessibility features. Hosting is via Microsoft Azure DNS, and the site uses common JavaScript libraries and plugins. From a security perspective, the absence of a valid SSL certificate and HTTPS is a critical vulnerability, severely impacting the site's security posture. Additional security features such as HSTS, DMARC, DNSSEC, and advanced security headers are missing, exposing the site to potential risks. The site does implement cookie consent mechanisms and has a vulnerability disclosure policy, indicating some security awareness. Overall, while the business and content quality are excellent, the security shortcomings present significant risks. Strategic improvements in SSL/TLS deployment and security hardening are essential to protect the brand and user trust.

din – Dietmar Nocker Sicherheitstechnik GmbH & Co KG is a medium-sized Austrian company specializing in emergency lighting solutions with over 40 years of industry experience. The company offers a comprehensive portfolio including product development, systems, and service support, targeting businesses requiring compliant emergency lighting. Their market position is strong in Austria and neighboring countries, supported by multiple locations and a professional online presence. Technically, the website is built on WordPress with multilingual support and privacy-conscious analytics via Matomo. However, the lack of a valid SSL certificate and HTTPS implementation is a critical security shortfall, exposing users to risks and undermining trust. The company demonstrates good privacy compliance with detailed cookie consent mechanisms and GDPR-aligned policies. Overall, the business is credible and professional but must urgently address its security posture to protect users and maintain trust.

Vienna Capital Partners (VCP) is an established independent corporate finance advisory firm operating primarily in Central, Eastern, and Southeastern Europe with offices in Vienna and Warsaw. The company specializes in mergers and acquisitions, strategic advisory, capital advisory, and related financial services targeting large and mid-sized corporations, private equity funds, entrepreneurs, and family offices. Their market position is strong within their niche, supported by a professional website showcasing detailed transaction references and senior professionals. Technically, the website is built on WordPress with common plugins and frameworks but suffers from an invalid SSL certificate, which undermines its security posture. The site is mobile optimized and provides clear contact information but lacks advanced security headers and explicit security or incident response policies. Overall, the business credibility is good, but security improvements are necessary to enhance trust and compliance.

M

Microtronics Engineering GmbH

microtronics.at

27

Microtronics Engineering GmbH is a medium-sized Austrian company specializing in technology solutions for environmental technology and energy management. Their offerings include advanced data loggers, sensors, and an IoT platform designed for reliable data transmission even in harsh environments. The company has a strong international presence with partners in 80 countries and a focus on B2B markets in energy and environmental sectors. Technically, the website is built on WordPress with WooCommerce and Elementor, integrating marketing and analytics tools such as HubSpot and Google Analytics. However, the security posture is weak due to the absence of a valid SSL certificate and lack of modern TLS protocols, which poses risks to data confidentiality and user trust. Privacy compliance is well addressed with comprehensive policies and consent mechanisms. Overall, the website is professional and trustworthy but requires urgent improvements in SSL/TLS security to protect users and enhance credibility.

K

Katun Corporation

katun.com

37

Katun Corporation is a well-established global provider of OEM-compatible imaging supplies, photoreceptors, and parts for copiers, printers, and multifunction printers (MFPs). With over 45 years in the industry, Katun serves a broad B2B audience including distributors and businesses worldwide. The company emphasizes quality, cost savings, and service levels, supported by a professional and content-rich website that highlights its global reach and product offerings. Technically, the website is built on WordPress with modern SEO and marketing tools such as Yoast SEO and Visual Website Optimizer, and supports multiple languages via WPML. However, the site suffers from a critical security deficiency: the absence of a valid SSL/TLS certificate and HTTPS support, which severely impacts its security posture and trustworthiness. Additionally, no cookie consent mechanism is present despite the use of tracking scripts, indicating partial privacy compliance. Overall, the business credibility and content quality are strong, but the security shortcomings require urgent remediation.

S

Stadtgemeinde Amstetten

amstetten.at

34

The website amstetten.at serves as the official online portal for the Stadtgemeinde Amstetten, a municipal government entity in Austria. It provides residents and visitors with comprehensive information about city administration, services, events, and public resources. The site targets local citizens and stakeholders, offering key services such as event announcements, service directories, job postings, and public transportation information. The business model is that of a government entity focused on public service delivery and community engagement. Technically, the website is built on the WordPress CMS platform, utilizing common plugins such as Yoast SEO for search optimization, WP Statistics for analytics, and Complianz for GDPR-compliant cookie management. The site employs Apache as the web server and includes JavaScript libraries like jQuery and RoyalSlider for interactive features. While the site is mobile-optimized and accessible, performance data is incomplete, and the site currently lacks a valid SSL certificate, resulting in no HTTPS support. From a security perspective, the absence of a valid SSL certificate is a critical vulnerability, exposing users to potential data interception risks. The site does not implement modern TLS protocols, HSTS, or OCSP stapling, which are essential for secure communications. However, no known vulnerabilities such as Heartbleed or POODLE were detected. Privacy compliance is strong, with a clear cookie consent mechanism and a comprehensive privacy policy aligned with GDPR requirements. Overall, the website is a well-structured and professionally maintained municipal portal with good content quality and user experience. The primary risk lies in the lack of HTTPS, which should be addressed urgently to protect user data and enhance trust. Strategic recommendations include implementing a valid SSL certificate, enabling modern security protocols, and enhancing security headers to improve the site's security posture and compliance.

ش

شرکت مهندسی صنعت و تولید جمع‌ساز

jamsaz.com

20

شرکت مهندسی صنعت و تولید جمع‌ساز یک شرکت تولیدی متوسط در ایران است که در زمینه طراحی و تولید سیستم‌های روشنایی خودرو فعالیت می‌کند. این شرکت با سابقه بیش از 30 سال، محصولات متنوعی از چراغ‌های خودرو را ارائه می‌دهد و دارای آزمایشگاه تخصصی با گواهینامه‌های معتبر است. سایت شرکت به زبان فارسی و با استفاده از وردپرس و افزونه‌های رایج ساخته شده است. از نظر فنی، سایت از تکنولوژی‌های مدرن بهره می‌برد اما فاقد گواهی SSL معتبر است که یک ضعف امنیتی مهم محسوب می‌شود. همچنین سیاست‌های حفظ حریم خصوصی و کوکی‌ها در سایت به صورت آشکار وجود ندارد که می‌تواند ریسک‌های قانونی ایجاد کند. به طور کلی، شرکت موقعیت خوبی در بازار روشنایی خودرو ایران دارد اما نیازمند بهبودهای امنیتی و انطباق با مقررات حفظ حریم خصوصی است.

W

WOMEN AGAINST VIOLENCE EUROPE

wave-network.org

40

WOMEN AGAINST VIOLENCE EUROPE (WAVE) is a well-established non-profit network comprising over 180 European women’s NGOs dedicated to preventing and protecting women and children from violence. The organization focuses on capacity building, advocacy, research, and awareness raising, positioning itself as a leading entity in the European women's rights sector. Their website reflects a professional and content-rich platform targeting NGOs, professionals, policymakers, and the general public interested in gender equality and violence prevention. Technically, the website is built on WordPress with a modern plugin ecosystem including Gravity Forms, Event Tickets, and MemberPress. While the design and content quality are excellent, technical performance is moderate, and mobile optimization is good. The site uses Matomo for analytics and Borlabs Cookie for privacy compliance, indicating a mature approach to user data and consent. Security-wise, the site suffers from a critical issue: an invalid or missing SSL certificate, resulting in no active TLS protocols and weak encryption posture. Although some security headers are present, the lack of proper HTTPS implementation significantly lowers the security score. Privacy and cookie policies are comprehensive and GDPR compliant, with clear contact information and consent mechanisms. Overall, the site is trustworthy and professionally managed but requires urgent remediation of SSL/TLS issues to ensure secure user interactions and maintain credibility. Strategic improvements in security infrastructure will enhance user trust and compliance with modern web standards.

S

Softsolution GmbH

softsolution.at

21

Softsolution GmbH, in partnership with LiteSentry LLC, operates as a leading provider of automated quality assurance systems for the glass industry. Their solutions focus on precision inspection technologies that detect defects in glass manufacturing, enhancing production efficiency and product quality. The company maintains a strong global presence with over 3,000 systems installed worldwide and offices in Austria and the USA. Their website reflects a professional and comprehensive digital presence, supporting multiple languages and showcasing extensive product and project information. Technically, the website is built on WordPress with modern plugins and libraries such as jQuery, Slick Slider, and Borlabs Cookie for privacy management. Hosting is provided via Cloudways with Cloudflare CDN integration. However, the absence of a valid SSL certificate and lack of modern TLS protocols significantly weaken the security posture, exposing the site to potential risks. Privacy compliance is well addressed with clear cookie consent mechanisms and a comprehensive privacy policy. Security evaluation reveals critical issues including no HTTPS support, no HSTS, and no OCSP stapling, which are essential for secure communications. Despite these, the site employs some best practices like HttpOnly and Secure cookie flags and uses a reputable CDN. The overall risk is moderate but requires urgent remediation of SSL/TLS issues to protect user data and maintain trust. Strategically, the company should prioritize implementing a valid SSL certificate and modern security protocols, enhance incident response visibility, and continue leveraging their strong market position and trust indicators to maintain competitive advantage.

S

SILVERLINE

silverline24.de

35

Silverline24.de is a German-based manufacturer and retailer specializing in kitchen appliances, particularly kitchen ventilation products such as wall-mounted hoods, island hoods, cooktop extractors, and related accessories. The company holds a recognized market position supported by industry awards like the Plus X Award for Fachhandelsmarke des Jahres 2020 and membership in the Arbeitsgemeinschaft Die Moderne Küche e.V. (AMK). Their website targets kitchen appliance buyers, retailers, and partners primarily in Germany and Europe, offering detailed product information, customer service, and partner portals. Technically, the website is built on WordPress with WooCommerce and uses modern plugins for SEO, cookie consent, and performance optimization. However, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security vulnerability. Other security best practices such as HSTS, DMARC, DNSSEC, and security headers are missing or not configured. Privacy compliance is well addressed with comprehensive privacy and cookie policies and a consent mechanism. Overall, the website is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

U

Unique Computing Solutions

ucs-inc.net

30

Unique Computing Solutions is a well-established IT managed services provider specializing in tailored IT support and advanced IT solutions for small and medium-sized businesses. With over 25 years of experience, the company emphasizes customer service and long-term client relationships, serving diverse industries with a comprehensive portfolio of IT and security services. The website reflects a professional digital presence with strong branding, client testimonials, and integrated social proof. However, the technical infrastructure shows gaps, notably the absence of a valid SSL certificate and HTTPS, which significantly impacts security posture. While privacy policies and GDPR compliance mechanisms are in place, the lack of modern security protocols and performance optimization presents risks. Strategic improvements in SSL/TLS implementation and security headers are critical to enhance trust and protect client data.

Z

Zynga

zynga.com

40

Zynga is a leading global interactive entertainment company specializing in mobile and online games with a broad portfolio of popular franchises. As a wholly-owned subsidiary of Take-Two Interactive Software, Zynga has a strong market position with billions of downloads worldwide. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content targeting mobile and online gamers globally. Technically, the site is built on WordPress with SEO optimizations and uses Amazon CloudFront for hosting and CDN services. However, the absence of a valid SSL certificate and disabled modern TLS protocols represent significant security gaps. Security headers are partially implemented but require tightening to mitigate risks such as cross-site scripting. Privacy compliance is well addressed with clear policies and cookie consent mechanisms. Overall, Zynga's website demonstrates strong business credibility and digital maturity but needs urgent improvements in SSL/TLS security to protect user data and maintain trust.

D

Doppler LLC

fromdoppler.com

40

Doppler LLC operates a comprehensive marketing automation platform primarily targeting Spanish-speaking businesses in Latin America and Spain. Their website offers a wide range of services including email marketing, push notifications, SMS marketing, WhatsApp marketing, chatbots, landing pages, and data intelligence. The company positions itself as a leading SaaS provider in the marketing technology sector with a strong brand presence and extensive client testimonials. Technically, the website is built on WordPress and leverages modern marketing and analytics tools such as Google Tag Manager, OneTrust for cookie consent, and Zendesk for customer support. However, the security posture is notably weak due to the absence of a valid SSL certificate and lack of HTTPS, which is a critical issue that undermines user trust and data protection. Privacy compliance is well addressed with clear privacy and cookie policies, and GDPR compliance is evident. Overall, the site is professional, content-rich, and user-friendly but requires urgent security improvements to meet modern standards.

S

SSC GmbH

ssc-ingenieure.at

24

SSC GmbH is a small Austrian company founded in 2015 specializing in engineering, IT nearshore project services, and technical expert and management search. The company leverages over 25 years of experience and a strong national and international network to provide specialized technical staffing and engineering solutions, including custom machinery development and software development via nearshore partners. The website is professionally designed using WordPress and the Divi theme, targeting German-speaking technical and industrial audiences. However, the site lacks a valid SSL certificate, which significantly impacts its security posture. Cookie consent mechanisms are implemented, reflecting GDPR compliance, but no explicit security or incident response policies are found. Overall, the company presents a credible business profile with clear contact information and a consistent brand presence.

T

TOPPAN Digital Language GmbH

meinrad.cc

40

TOPPAN Digital Language GmbH is a medium-sized, ISO-certified translation and localization service provider based in Austria, serving leading companies primarily in the DACH region. The company offers a comprehensive suite of services including documentation translation, marketing translations, software and website localization, and outsourcing solutions, supported by consulting and workflow optimization. The website reflects a professional and well-branded digital presence, leveraging WordPress with Elementor and integrating multiple marketing and analytics tools such as HubSpot and Google Analytics. Despite strong content quality and privacy compliance, the site suffers from critical security shortcomings, notably the absence of a valid SSL certificate and disabled TLS protocols, which significantly impact its security posture. The domain registration and DNS configurations are consistent and trustworthy, with no signs of privacy protection or suspicious patterns. Overall, the website is functional and credible but requires urgent security improvements to protect user data and enhance trust.

X

XYZ

wearexyz.com

36

XYZ is a creative visual production agency based in San Francisco specializing in 3D rendering, photography, retouching, video, motion graphics, and other visual content creation services. The company partners with notable brands to deliver compelling content and experiences that drive results. Their website showcases a strong portfolio of industry-leading clients, reflecting a solid market position in the media and creative production sector. Technically, the website is built on WordPress with Elementor and leverages modern JavaScript libraries and third-party services such as Vimeo and Google Analytics. Hosting is provided by WP Engine with Cloudflare as a CDN, indicating a professional infrastructure. However, the site lacks a valid SSL certificate and proper HTTPS configuration, which is a critical security concern. Security headers are minimal, and no advanced security policies or incident response contacts are found. Privacy and cookie policies are absent, which may impact compliance with GDPR and other regulations. Overall, the site presents a professional business front but requires urgent improvements in security and privacy compliance to reduce risk and enhance trust.

A

Avnet Embedded

msc-technologies.eu

40

Avnet Embedded is a division of Avnet, Inc., specializing in embedded computing, display, and software solutions for OEMs and businesses aiming to accelerate product time-to-market. The company positions itself as a world leader in embedded technology, offering a broad range of services including design, manufacturing, assembly, and software consultancy. Their business model leverages a strong partner ecosystem and in-house capabilities to deliver comprehensive embedded solutions. The website content is rich, professionally designed, and targets a global audience in the technology and manufacturing sectors. Technically, the website is built on WordPress with WooCommerce and several modern plugins such as Smart Slider 3 and Ultimate Member. The site uses Google Analytics and Google Tag Manager for tracking and marketing purposes. While the design and content quality are excellent, performance is slow, and there is a notable lack of valid SSL/TLS configuration, which impacts security and user trust. From a security perspective, the site implements several important HTTP security headers and cookie flags, but the absence of a valid SSL certificate and disabled TLS protocols represent critical vulnerabilities. Privacy compliance is strong, with comprehensive privacy and cookie policies and consent mechanisms in place, indicating good GDPR adherence. However, no explicit incident response or vulnerability disclosure policies were found. Overall, the site demonstrates a mature business presence with strong content and privacy practices but suffers from critical security configuration issues that should be addressed promptly to improve trust and protect users.

W

WK-Development GmbH

wk-development.com

38

WK-Development GmbH is a Vienna-based real estate development company specializing in exclusive residential projects in Vienna, its surroundings, and Eastern Europe. The company operates as a management holding for project companies involved in acquisition, development, and sale of high-end residential properties. With a portfolio exceeding 150,000 m² of new residential space developed in recent years, WK-Development targets private and institutional investors seeking profitable real estate investments. The website reflects a mature digital presence with detailed project showcases, team profiles, and partner information, supporting its market positioning as a reliable and growing player in Central European real estate development. Technically, the website is built on WordPress using Elementor and Yoast SEO, indicating a modern CMS and SEO-friendly infrastructure. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap, exposing users to potential data interception risks. The site lacks advanced security headers and email authentication mechanisms like DMARC, which could be improved to enhance trust and security. Performance data is unavailable, but the site uses WP Rocket for optimization and appears mobile responsive. Security posture is weak due to missing HTTPS and TLS protocols, no HSTS, and no OCSP stapling. Privacy compliance is partial; a comprehensive privacy policy exists, but no cookie consent mechanism is detected, which is a GDPR compliance risk. Contact information is clearly presented, including a company email and physical address, but no phone numbers are explicitly provided. Social media presence is active on Facebook, Instagram, and YouTube. Overall, WK-Development GmbH presents a professional and credible business front with strong content and branding but requires urgent security improvements to protect users and comply with privacy regulations. Strategic recommendations include immediate SSL implementation, enhanced email security, and cookie consent integration to align with best practices and regulatory requirements.

E

Euronet Worldwide, Inc.

euronetworldwide.com

39

Euronet Worldwide, Inc. operates as a global leader in payments processing and cross-border transactions, providing a broad range of financial technology solutions including electronic funds transfer, prepaid products, and money transfer services. The company serves financial institutions, fintechs, retailers, and consumers worldwide, leveraging platforms such as Ren and Dandelion to enable real-time, compliant cross-border payments. The website reflects a mature enterprise with a strong market position and comprehensive business information, including investor relations and corporate governance details. Technically, the site is built on WordPress with Elementor and hosted on WP Engine, integrating modern analytics and cookie consent tools. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS, exposing users to potential risks. Security headers are partially implemented, but improvements are needed in TLS protocol support, HSTS, and session management. Privacy compliance is well addressed with GDPR-aligned policies and consent mechanisms. Overall, the site demonstrates high professionalism and trustworthiness but requires urgent security enhancements to protect user data and maintain credibility.

J

Jebsen & Co. Ltd.

jebsen.com

40

Jebsen & Co. Ltd. is a well-established company founded in 1895, specializing in marketing, distribution, and investment of premium brands primarily in Greater China. The company operates across diversified sectors including Motors, Beverage, Consumer, and Capital investments, positioning itself as a bridge between Eastern and Western markets. The website reflects a mature digital presence with comprehensive business information, multilingual support, and strong branding consistency. Technically, the site is built on WordPress with modern SEO and user experience features, though performance metrics are unavailable. Security posture is currently weak due to the absence of a valid SSL certificate and lack of modern TLS protocols, which poses risks to data confidentiality and user trust. Privacy compliance is partially met with a privacy policy and incident response contact, but lacks cookie consent mechanisms. Overall, the site is professional and trustworthy but requires urgent security improvements to align with best practices.

N

net4com GmbH

net4com.at

40

net4com GmbH is a specialized company focusing on trading IT and telecommunications hardware, asset recovery, recycling, consulting, and engineering services primarily targeting the Central and Eastern European markets. With over 25 years of industry experience and local presence in Austria, Bulgaria, and the UK, the company leverages a trusted network of partners and OEM vendors to provide integrated and personalized solutions. Their business model includes managed service contracts for asset management and compliance with environmental regulations, supporting clients' corporate responsibility programs. Technically, the website is built on WordPress using common plugins and themes, served by an Apache server on CentOS with PHP 7.4.29. However, the site lacks a valid SSL certificate and does not support HTTPS, which is a significant security and trust concern. The site shows basic mobile optimization and accessibility but has slow performance and limited SEO optimization. From a security perspective, the absence of HTTPS, lack of security headers, and missing advanced security policies reduce the overall security posture. No incident response or vulnerability disclosure policies are present. Privacy and cookie policies exist but lack active consent mechanisms. Contact information is comprehensive and professionally presented, enhancing business credibility. Overall, while the business appears legitimate and professionally presented, the website's security shortcomings, especially the lack of HTTPS, pose risks to user trust and data protection. Strategic improvements in security infrastructure and privacy compliance are recommended to enhance the company's digital maturity and trustworthiness.

M

MediaClan - Gesellschaft für Online Medien G.m.b.H.

mediaclan.at

23

MediaClan is a small Austrian company specializing in online media, social media projects, and genealogical research services. The website presents professional content in German, targeting clients interested in online communities and family history research. The company leverages WordPress CMS with caching and push notification technologies, indicating a moderate level of digital maturity. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the security posture, exposing users to potential risks. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism despite tracking technologies in use. Overall, the website is functional and professional but requires urgent security improvements to protect user data and enhance trust.

U

untermStrich Software GmbH

untermstrich.com

33

untermStrich Software GmbH is a technology company specializing in SaaS-based office management and controlling software tailored for architects and engineers. The company has a strong market presence with approximately 87,000 users worldwide and operates in multiple countries including Austria, Germany, and the USA. Their flagship product, untermStrich X4, offers comprehensive tools for project management, electronic invoicing, CRM, and document management, targeting architectural and engineering firms. The website demonstrates a high level of digital maturity with professional design, structured data, and SEO optimization. However, the current lack of a valid SSL/TLS certificate and disabled HTTPS protocols represent a critical security vulnerability that must be addressed promptly. Privacy and cookie policies are well implemented and GDPR compliant, enhancing user trust. Overall, untermStrich presents a credible and professional business with a solid technical infrastructure but requires immediate improvement in its security posture.

S

Successfactory Consulting Group

successfactory.cc

39

Successfactory Consulting Group is a specialized consulting firm based in Austria focusing on organizational development, process optimization, product and system development, sustainability, agile transformation, and digitalization including artificial intelligence. The company offers a combination of consulting, training, coaching, and digital solutions targeting organizations seeking to improve productivity and adapt to modern trends. The website is built on WordPress with Elementor and Astra theme, showing a moderate level of digital maturity but lacking a valid SSL certificate, which is a critical security gap. The presence of GDPR-compliant cookie consent and privacy policy indicates attention to privacy compliance. Social media presence on major platforms supports business credibility. However, the absence of HTTPS and modern TLS protocols significantly impacts the security posture and overall trustworthiness of the site.

M

Montanwerke Brixlegg AG

montanwerke-brixlegg.com

40

Montanwerke Brixlegg AG is a mature manufacturing company specializing in copper recycling and upcycling solutions, with a strong emphasis on sustainability. The company operates primarily in Austria and targets industrial customers requiring high-quality copper products such as cathodes and round bolts. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the site is built on WordPress with common plugins like Yoast SEO and Borlabs Cookie, but suffers from a lack of a valid SSL certificate, resulting in no HTTPS support and weak security posture. Security headers are partially implemented, but critical TLS protocols and cipher suites are missing, exposing the site to potential risks. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Contact information is clearly presented, enhancing business credibility. Overall, the site scores moderately due to security shortcomings and technical performance issues.

C

Curium Austria GmbH

iason.eu

33

Curium Austria GmbH is a specialized manufacturer and distributor of radiopharmaceuticals for nuclear medicine, operating two production sites in Austria and integrated into the global Curium Pharma network since 2021. The company targets healthcare providers and hospitals across Europe, offering PET radiopharmaceuticals with marketing authorizations in multiple countries. The website is professionally designed using WordPress and Elementor, providing comprehensive content about the company, products, and career opportunities. Technically, the site uses modern web technologies and is hosted behind Cloudflare, but critically lacks a valid SSL certificate, exposing it to security risks. Privacy compliance is well managed with a detailed cookie consent mechanism and a comprehensive privacy policy. Contact information is available primarily via a contact form and physical addresses, but no explicit company emails or phone numbers are listed. Overall, the site demonstrates strong business credibility and content quality but requires urgent security improvements.

Vision Estate India is a medium-sized real estate company based in India, specializing in residential and commercial properties primarily in Gurgaon. Established in 1996 and ISO 9001:2008 certified, the company offers services including buying, selling, and renting properties. The website is built on WordPress with WooCommerce and Elementor, showcasing property listings, testimonials, and partner logos. However, the site lacks HTTPS, which significantly impacts its security posture. No privacy or cookie policies are present, indicating compliance gaps. The technical infrastructure is moderate but could benefit from performance and security improvements.