Security Directory

K

Kyckling från Kronfågel

kronfagel.se

44

Kyckling från Kronfågel is a leading Swedish brand specializing in chicken products, offering a wide range of retail and foodservice solutions. The website provides extensive recipe content and sustainability information, targeting consumers and professionals interested in quality Swedish chicken. The technical infrastructure is based on WordPress with modern JavaScript frameworks like React, supported by analytics and marketing tools including Google Analytics, TikTok Pixel, and Cookiebot for privacy compliance. Security posture is strong with HTTPS, security headers, and reCAPTCHA integration, though explicit security policies and incident response contacts are not publicly available. Overall, the site demonstrates a mature digital presence with good privacy compliance and user experience.

N

Nrep

nrep.com

41

Nrep is a prominent real estate company focused on investing, developing, and operating sustainable urban properties primarily in the Nordic region. The company positions itself as a leader in driving real change in real estate through innovation and sustainability, supported by its affiliation with Urban Partners. The website reflects a mature business with a clear market position and a comprehensive portfolio of projects and solutions. Technically, the site is built on WordPress with modern JavaScript libraries and integrates privacy-compliant analytics and cookie consent mechanisms. Security posture is strong with HTTPS enforced, appropriate security headers, and no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear cookie consent and privacy policies. Overall, the website presents a professional, trustworthy, and user-friendly digital presence.

E

Enea

enea.com

65

Enea is a well-established global leader specializing in AI-powered software solutions for telecom networks and cybersecurity. The company serves a broad range of clients including communication service providers, CPaaS providers, software vendors, and government regulators. Their software portfolio covers messaging security, signaling and voice security, network traffic management, and IoT connectivity, among others. Enea's market position is strong, with over 30% of the world's mobile services relying on their technology, and a presence in 101 countries. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to their target audience. Technically, the website is built on WordPress with modern performance and SEO optimizations including WP Rocket, Yoast SEO Premium, and lazy loading techniques. The site is mobile-optimized and accessible, leveraging popular JavaScript libraries such as jQuery and Axios. Security posture is solid with HTTPS enforced and no visible vulnerabilities, although explicit security headers could be improved. Privacy compliance is well addressed with clear privacy and cookie policies, including consent mechanisms. Overall, the security posture is good with no critical issues detected. The company demonstrates trustworthiness through certifications, client testimonials, and consistent WHOIS data. The website employs moderate user tracking via Piwik PRO and Google Tag Manager, balanced with privacy compliance. Strategic recommendations include enhancing security headers, publishing a security policy, and adding a vulnerability disclosure program to further strengthen trust and compliance.

S

Synapse-Consulting

synapse.com.pk

35

Synapse-Consulting is a small IT consulting and development firm specializing in providing tailored business solutions for small and medium-sized businesses. Their services include application development, operational efficiency consulting, mobile app development, and technology integration. The company positions itself as a transparent, cost-competitive partner with expertise in serving SMBs. The website is professionally designed using modern frontend technologies such as Bootstrap 5, jQuery, and various UI libraries, offering a good user experience and mobile optimization. However, the site lacks critical privacy and security disclosures, including privacy policies, cookie consent, and terms of service. No contact emails or phone numbers are explicitly provided, which may impact user trust and compliance. Security posture is moderate with no visible vulnerabilities but lacks HTTPS confirmation and security headers. Overall, the website is functional and professional but requires improvements in privacy compliance and security transparency to enhance trust and regulatory adherence.

G

Greenlight TV

greenlight.tv

43

Greenlight TV is a specialized media company focused on producing and distributing sports, factual, live, and branded content. Their website reflects a professional presence with clear messaging about their services and target audience, primarily sports broadcasters and content stakeholders. The company emphasizes delivering projects on message, on time, and on budget, with bespoke distribution solutions across multiple platforms. Technically, the website is built on WordPress with modern frameworks like Bootstrap and uses popular libraries such as jQuery and Font Awesome. The site is mobile-optimized and performs moderately well, though accessibility and SEO could be improved. Security-wise, the site uses HTTPS but lacks important security headers and does not provide privacy or cookie policies, indicating compliance gaps. Analytics tools like Google Analytics and Tag Manager are in use, suggesting moderate user tracking without explicit consent mechanisms. Overall, the site is credible and trustworthy but would benefit from enhanced privacy and security practices.

N

Nasaleze International Ltd.

nasaleze.com

51

Nasaleze International Ltd. operates a professional website offering clinically proven nasal spray products designed to protect against allergens, viruses, and pollution. The company targets consumers seeking drug-free nasal protection solutions and maintains a consistent brand presence with clear product information and customer reviews. The website is well-structured, mobile-optimized, and provides essential legal and privacy documentation, reflecting a mature digital presence. Technically, the site uses modern frontend technologies including jQuery, Tailwind CSS, and FancyBox for UI enhancements. While the site performs moderately well and is mobile-friendly, there is room for improvement in accessibility and security header implementation. No CMS or hosting provider details are explicitly identified. From a security perspective, the site uses HTTPS and provides cookie consent mechanisms, but lacks publicly available security policies or incident response contacts. No critical vulnerabilities or exposed sensitive data were detected in the HTML content. The domain registration details align well with the business information, supporting legitimacy and trustworthiness. Overall, the website presents a low-risk profile with good privacy compliance and business credibility. Strategic improvements in security policy transparency and technical security controls would enhance the security posture and trust further.

F

Fiera Capital Corporation

fieracapital.com

49

Fiera Capital Corporation is a large, independent asset management firm headquartered in Canada with a significant global presence across North America, Europe, and Asia. The company specializes in delivering customized multi-asset investment solutions to institutional, financial intermediary, and private wealth clients. Their business model focuses on sustainable wealth creation through a diverse investment platform including public and private market asset classes. The firm is well-positioned in the finance industry with a strong market reputation supported by comprehensive content, regular updates, and multiple subsidiary entities. Technically, the website is built on WordPress and leverages modern JavaScript libraries such as jQuery, Flickity, and Fancybox, alongside Google Tag Manager and Google Analytics for tracking and marketing. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. Security measures include HTTPS enforcement, reCAPTCHA integration, and cookie consent mechanisms, although some HTTP security headers could be improved. The security posture is solid with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies, GDPR compliance indicators, and a whistleblowing policy. However, explicit incident response contact channels and a vulnerability disclosure policy are not evident. WHOIS data confirms the legitimacy and consistency of the domain registration with the business claims. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance, making it a reliable digital presence for Fiera Capital Corporation.

F

Four Seasons Health Care Group

fshc.co.uk

47

Four Seasons Health Care Group is a UK-based healthcare organization that historically operated a high performing care home group. As of April 2025, the group completed the sale of its care home operations, with all homes now owned and operated by other providers. The website primarily serves investors, commissioners, financial stakeholders, and individuals seeking care home information. The business model has transitioned from direct care home management to a more informational and investor-focused presence. Technically, the website is built on WordPress using a modern tech stack including WPBakery Page Builder, jQuery, Google Maps API, and various plugins for forms and analytics. The site is mobile optimized with good SEO practices and uses HTTPS with valid SSL certificates. However, some security best practices such as security headers and cookie consent mechanisms are missing. From a security perspective, the site shows moderate maturity with HTTPS enforced and no exposed sensitive data. The lack of security headers and cookie consent reduces compliance with GDPR and other privacy regulations. No incident response or security policy information is published. Tracking and analytics are implemented via Google Tag Manager and Mediahawk, with moderate user tracking. Overall, the website is professional and trustworthy with good business credibility and content quality. Security and privacy compliance can be improved by implementing security headers, cookie consent, and publishing security policies. The site is not blocked by any WAF or security challenge, allowing full content access and analysis.

H

Hayden Outdoors

haydenoutdoors.com

55

Hayden Outdoors is a specialized real estate brokerage focusing on land, ranches, farms, and recreational properties across the United States. The company offers a comprehensive online platform featuring detailed property listings, auctions, and equipment sales, targeting land buyers, sellers, and outdoor enthusiasts. Their market position is strong within the niche of rural and recreational real estate, supported by professional branding and extensive digital content. Technically, the website is built on WordPress and integrates a modern tech stack including Bootstrap, Mapbox, HubSpot, and multiple analytics tools such as Google Analytics, Matomo, and Hotjar. The site is mobile-optimized, accessible, and SEO-friendly, leveraging structured data and rich media content to enhance user experience and search visibility. From a security perspective, the site employs HTTPS with good SSL configuration and uses reCAPTCHA for form protection. However, it lacks explicit security headers like Content-Security-Policy and does not publish a dedicated security or incident response policy. Privacy compliance is partial, with a privacy policy present but no visible cookie consent mechanism, which may pose compliance risks. Overall, Hayden Outdoors presents a professional and trustworthy online presence with strong business credibility and technical maturity. Strategic improvements in privacy compliance and security policy transparency would further enhance their risk posture and user trust.

R

Rail Baltic Estonia

rbestonia.ee

56

Rail Baltic Estonia is a key organization managing the Rail Baltica infrastructure project in Estonia, aiming to establish a green rail connection with Europe. The website reflects a medium-sized government-backed entity focused on transportation infrastructure, providing project updates, career opportunities, and stakeholder information.

M

MTU Aero Engines AG

mtu.de

57

MTU Aero Engines AG is Germany's leading engine manufacturer and a globally recognized player in the aerospace industry. The company specializes in the manufacturing and maintenance of commercial and military aircraft engines as well as industrial gas turbines. Their website reflects a mature digital presence with comprehensive content targeting industry professionals, investors, and potential employees. The site is built on TYPO3 CMS and employs modern web technologies including JavaScript libraries and Piwik/Matomo analytics for user tracking. Security practices such as HTTPS enforcement and cookie consent mechanisms are in place, although explicit security policy and incident response information are not publicly detailed. Overall, the website demonstrates a strong professional image, good technical implementation, and compliance with privacy regulations.

G

Greiner AG

greiner.com

56

Greiner AG is a globally leading Austrian manufacturing company specializing in plastic and foam solutions with three main divisions: Greiner Bio-One, Greiner Packaging, and NEVEON. The company serves diverse industries including packaging, medical technology, automotive, furniture, and sports. The website reflects a mature digital presence built on TYPO3 CMS with modern web technologies, offering a professional, well-structured, and mobile-optimized user experience. Security posture is strong with HTTPS and secure form handling, though some security headers and explicit security policies are absent. Privacy and cookie policies are comprehensive and GDPR compliant. Contact information is clearly presented with multiple channels including emails and phone numbers. Overall, the website demonstrates high business credibility and technical maturity, supporting the company's market position and operational transparency.

W

Wise Wolves Group Limited

wise-wolves.com

52

Wise Wolves Group Limited is a Cyprus-based financial services group offering a range of services including investment brokerage, payment institution services, corporate services, and trustee company functions. The group is regulated by CySEC and the Central Bank of Cyprus, holding multiple licenses and memberships that establish its credibility in the financial sector. Their website presents a professional image with clear navigation and detailed descriptions of their subsidiaries and services, targeting investors and businesses seeking financial and corporate solutions. Technically, the website employs a modern technology stack including jQuery, MDBootstrap, and various analytics and tracking tools such as Google Analytics, Facebook Pixel, and Yandex Metrika. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. No CMS is detected, indicating a custom or static site architecture. Performance is moderate with room for improvement in security headers and cookie consent mechanisms. From a security perspective, the site uses HTTPS and does not expose sensitive data or vulnerable libraries. However, it lacks explicit security headers and does not publicly disclose incident response or security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent banner or GDPR compliance indicators. Contact information is clearly provided, enhancing business credibility. Overall, the website scores well in business credibility and content quality but could improve in privacy compliance and security best practices. There are no critical security issues or blocking mechanisms detected, making it a trustworthy platform for its intended audience.

S

SIPRIN, s.r.o.

siprin.sk

46

SIPRIN, s.r.o. is a well-established Slovak subsidiary of Siemens, specializing in industrial automation, maintenance outsourcing, and technical training. Founded in 1999, the company leverages Siemens technologies to provide engineering, maintenance, and educational services primarily to industrial clients. The website reflects a mature digital presence with comprehensive service and training descriptions, clear contact channels, and strong compliance messaging. Technically, the site uses a modern tech stack including Bootstrap and jQuery, with good mobile responsiveness and user experience. Security posture is solid with HTTPS and a detailed compliance program, though some security headers could be improved. No blocking or WAF interference was detected, allowing full content access. Overall, the site projects professionalism, trustworthiness, and alignment with Siemens corporate standards.

Primerica, Inc. is a well-established financial services company founded in 1977, specializing in term life insurance, investments, mortgages, and debt solutions primarily targeting middle-income families in North America. The company leverages licensed representatives to provide financial education and personalized financial solutions, positioning itself as a trusted leader in the finance sector with multiple industry awards and recognitions. The website reflects a professional and comprehensive presentation of their services and values, supported by consistent branding and strong trust indicators. Technically, the site uses a modern JavaScript stack including jQuery, Bootstrap, and Owl Carousel, hosted on IBM HTTP Server, with good mobile optimization and accessibility features. However, the site suffers from a critical security deficiency due to the absence of a valid SSL certificate and HTTPS support, exposing users to potential risks. Privacy compliance is addressed with a cookie consent mechanism and a comprehensive privacy policy, though GDPR compliance is not explicitly confirmed. Overall, the site demonstrates strong business credibility but requires urgent security improvements to protect user data and enhance trust.

T

Theater Regensburg

theaterregensburg.de

25

Theater Regensburg is a public theater institution located in Regensburg, Germany, offering a diverse range of cultural performances including music theater, dance, and plays. The website serves as a portal for event information, ticket sales, and community engagement, targeting local and regional audiences interested in cultural arts. The business operates primarily in the hospitality and cultural sector with a medium-sized organizational footprint. Technically, the website employs a modern frontend stack with libraries such as jQuery, Bootstrap, and Font Awesome, providing a good user experience and mobile optimization. However, the absence of a valid SSL certificate and missing DNS records represent significant technical and security shortcomings. Privacy and cookie policies are well implemented with consent mechanisms, reflecting good compliance with GDPR. The site maintains active social media channels and provides clear contact information, enhancing business credibility. Overall, the website is functional and professional but requires urgent improvements in security infrastructure to protect user data and improve trust.

S

Strobl Bau – Holzbau GmbH

strobl.at

21

Strobl Bau – Holzbau GmbH is a well-established construction and wood construction company based in Austria, with a history dating back to 1964. The company specializes in residential, industrial, and commercial building projects using both massive and wood construction methods. It holds a leading position in the regional market of Steiermark, offering comprehensive services including planning, coordination, and quality control. The website reflects a professional and consistent brand image, targeting property developers and clients seeking high-quality construction solutions. Technically, the website is built on WordPress with a modern tech stack including Apache, jQuery, Bootstrap, and several specialized plugins for enhanced user experience and functionality. However, the site lacks a valid SSL certificate and does not support modern TLS protocols, which significantly impacts its security posture. Despite this, the site implements several security headers and has a good privacy and cookie policy framework with consent mechanisms, indicating a commitment to compliance. The security evaluation reveals critical vulnerabilities due to the absence of HTTPS, lack of strong cipher suites, and incomplete HSTS implementation. These issues pose risks to data confidentiality and user trust. The website provides multiple contact channels, including phone, email, and contact forms, along with active social media profiles, enhancing its business credibility. Overall, while the business and content quality are strong, the security shortcomings require urgent attention to protect users and maintain trust. Strategic improvements in SSL/TLS deployment and security configurations are recommended to elevate the site's security and compliance standards.

R

Rhema Gemeinde

rhema.at

40

Rhema Gemeinde is a small non-profit religious community based in Linz, Austria, focused on providing Christian church services, youth and children programs, and community events. The website serves as an informational and engagement platform for members and visitors, offering event details, livestream access, and contact options. The technical infrastructure is based on TYPO3 CMS with common web technologies such as Bootstrap and jQuery, hosted via easyname.eu. However, the site lacks HTTPS encryption, which is a critical security deficiency. Security headers are minimal, and no advanced security or incident response policies are evident. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism. Overall, the site is functional and professionally designed but requires urgent security improvements to protect user data and enhance trust.

L

Logwin AG

logwin-logistics.com

40

Logwin AG operates an international logistics and transportation services website offering a broad range of services including sea freight, air freight, warehousing, and transport management. The company targets businesses requiring reliable logistics solutions and positions itself as a professional and dedicated provider with a worldwide network. The website is built on TYPO3 CMS and uses modern frontend technologies such as jQuery and Fancybox, providing a good user experience with clear navigation and professional design. However, the technical infrastructure shows weaknesses, notably the absence of a valid SSL certificate and lack of TLS protocol support, which significantly impacts the security posture. Security headers are partially implemented, and privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Contact information is limited to a contact form, with no explicit emails or phone numbers found. Overall, the website is functional and professional but requires urgent improvements in SSL/TLS configuration to enhance security and trust.

I

Institut Teknologi Sepuluh Nopember

its.ac.id

40

Institut Teknologi Sepuluh Nopember (ITS) is a prominent Indonesian university specializing in science, technology, and arts education. The website serves a broad audience including prospective and current students, faculty, staff, parents, and alumni. It offers comprehensive information on academic programs, research, innovation, and public services. The institution holds a strong market position with recognized rankings in Asia Pacific and globally. Technically, the website is built on WordPress with a modern tech stack including Visual Composer, Yoast SEO, and various JavaScript libraries, providing a rich user experience with good mobile optimization and accessibility. However, the website lacks a valid SSL certificate and proper HTTPS configuration, which significantly impacts its security posture. Security headers are present but insufficient without proper SSL. Privacy and cookie policies are not found, indicating compliance gaps. DNS records are missing or incomplete, raising concerns about domain configuration. Overall, the site is professional and trustworthy in content but requires urgent improvements in security and privacy compliance.

Folyo GmbH operates a specialized out-of-home advertising platform focused on measurable vehicle advertising using premium electric and hybrid vehicles. Their business model emphasizes performance-driven campaigns with pay-per-impression pricing, targeting brands, agencies, and professional drivers primarily in Austria. The website presents a professional and consistent brand image with clear service offerings including vehicle branding, in-car digital screens, and creative add-ons such as product sampling and urban gamification. Technically, the site is built on Bitrix CMS and served via LiteSpeed, incorporating common web technologies like jQuery and Google Fonts. However, the absence of a valid SSL certificate and lack of HTTPS significantly undermine the security posture. Security headers are minimal, and no advanced security or incident response policies are publicly disclosed. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism detected. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

G

Gelateria Romana - La Romana Srl

romanagroup.com

40

Gelateria Romana - La Romana Srl is a well-established Italian gelateria business founded in 1947, specializing in traditional gelato and pastry products with a franchising business model. The company targets entrepreneurs interested in franchising opportunities and consumers seeking quality artisanal gelato. The website reflects a consistent brand with good content quality and clear business information. Technically, the site uses a proprietary CMS (TITANKA!) with older JavaScript libraries and Bootstrap 3.2.0, indicating moderate digital maturity. However, the lack of HTTPS and modern TLS protocols is a critical security gap. Privacy and cookie policies are present with consent mechanisms, supporting GDPR compliance. Overall, the site is functional but requires urgent security improvements to protect user data and enhance trust.

X

XYZ

wearexyz.com

36

XYZ is a creative visual production agency based in San Francisco specializing in 3D rendering, photography, retouching, video, motion graphics, and other visual content creation services. The company partners with notable brands to deliver compelling content and experiences that drive results. Their website showcases a strong portfolio of industry-leading clients, reflecting a solid market position in the media and creative production sector. Technically, the website is built on WordPress with Elementor and leverages modern JavaScript libraries and third-party services such as Vimeo and Google Analytics. Hosting is provided by WP Engine with Cloudflare as a CDN, indicating a professional infrastructure. However, the site lacks a valid SSL certificate and proper HTTPS configuration, which is a critical security concern. Security headers are minimal, and no advanced security policies or incident response contacts are found. Privacy and cookie policies are absent, which may impact compliance with GDPR and other regulations. Overall, the site presents a professional business front but requires urgent improvements in security and privacy compliance to reduce risk and enhance trust.

Fait Internet Software GmbH is an Austrian FinTech company with over 20 years of experience specializing in digital solutions for wealth management and securities advisory. Their offerings include a modern securities advisory tool (PIA), a comprehensive suite of APIs for financial institutions, and digitalization projects tailored for asset management and private banking. The company targets banks, FinTechs, and insurance firms, positioning itself as a trusted niche player in the German-speaking financial technology market. Technically, the website is built on TYPO3 CMS with modern frontend libraries such as Bootstrap and jQuery, and integrates Google services like Maps and Analytics. While the site is well-structured, mobile-optimized, and SEO-friendly, it suffers from critical security shortcomings due to the absence of a valid SSL certificate and disabled TLS protocols, severely impacting its security posture. Privacy compliance is strong, with GDPR-aligned cookie consent mechanisms and comprehensive privacy policies. Overall, the business presents a professional and credible front but must urgently address its SSL/TLS deficiencies to ensure secure communications and maintain trust.

TIMETRON is a mature, family-owned investment company based in Vienna, Austria, with a diversified portfolio in consumer goods, medical devices, real estate, and e-commerce. The company has a strong market presence with 40 years of history and focuses on financing innovative brands and projects. The website reflects a professional business with good content quality and moderate branding consistency. Technically, the site uses a traditional Apache server with PHP and several JavaScript libraries but lacks modern security implementations such as HTTPS. The absence of a valid SSL certificate and security headers significantly impacts the security posture. Privacy compliance is basic, with a cookie consent banner but no dedicated privacy policy on the main domain. Overall, the site is functional but requires improvements in security and privacy to meet modern standards.

nicsell.com is a domain backorder and auction platform operated by DomainProfi GmbH, targeting the German-speaking market with services for acquiring domains in deletion phases. The business model focuses on low starting bids and a no-risk payment approach, supported by ICANN accreditation and partnerships with multiple domain registries. Technically, the website uses a standard stack including nginx, Bootstrap, and jQuery, but lacks a valid SSL certificate, which is a significant security concern. The site is mobile optimized and SEO friendly but has slow performance metrics. Security posture is weak due to missing HTTPS and modern TLS protocols, although some security headers and cookie flags are set. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism. Contact information is limited to forms, with no direct emails or phone numbers publicly listed. Overall, the site is legitimate and professionally presented but requires urgent security improvements.

PÖTTINGER Landtechnik GmbH operates as a large manufacturing company specializing in agricultural machinery with a strong international presence, offering localized content and partner portal access. The website demonstrates a good level of content quality, multi-language support, and user engagement features such as cookie consent and partner login. Technically, the site uses ASP.NET with common frontend libraries like jQuery and Bootstrap, hosted on a provider indicated by DNS records. However, the absence of a valid SSL certificate and lack of modern TLS support represent critical security weaknesses. Privacy compliance is well addressed through detailed cookie policies and consent mechanisms, reflecting GDPR awareness. Overall, the site is professional but requires urgent security improvements to protect user data and maintain trust.

I

ISG

isg-one.com

40

ISG is a global AI-centered technology research and IT advisory firm providing comprehensive sourcing, benchmarking, governance, and research services to enterprise clients. The company positions itself as a leader in AI-driven technology advisory, offering SaaS platforms to govern third-party relationships and benchmark IT landscapes. The website content is professionally designed, rich in relevant business information, and targets enterprises seeking operational excellence through technology. Technically, the site employs modern JavaScript frameworks and integrates multiple third-party services, but suffers from slow load times and lacks a valid SSL certificate, which critically impacts security posture. Privacy and cookie policies are present with consent mechanisms, supporting GDPR compliance. Social media presence is strong, enhancing trust and engagement. However, the absence of direct contact emails or phone numbers limits immediate contact options.

F

Festspielhaus St. Pölten

festspielhaus.at

36

Festspielhaus St. Pölten is a prominent cultural venue in Austria specializing in dance, music, and architectural events. The website serves as a comprehensive platform for event information, ticket sales, subscriptions, and educational programs, targeting a diverse audience including families, schools, and cultural enthusiasts. The business is well-positioned regionally with a strong brand presence and partnerships with local institutions. Technically, the site is built on modern frameworks like Nuxt.js and Vue.js, but suffers from slow load times and lacks a valid SSL certificate, impacting security and user trust. The security posture is basic with no advanced headers or HTTPS, though privacy compliance is well addressed with detailed cookie and privacy policies. Overall, the site is professional and content-rich but requires urgent security improvements to enhance trust and compliance.

E

Eti

etietieti.com

39

Eti is a well-established Turkish food manufacturing company with a strong market presence and a diverse product portfolio including biscuits, chocolates, and health-oriented food products. The website serves as a comprehensive corporate portal providing product information, recipes, corporate governance details, career opportunities, and social responsibility initiatives. The site targets consumers interested in quality food products and healthy nutrition, leveraging a consistent brand identity and multiple language options for international reach. Technically, the website is built on ASP.NET WebForms and uses modern JavaScript libraries for UI enhancements. However, performance metrics are lacking and the site suffers from a critical security issue: the absence of a valid SSL certificate and HTTPS support, which significantly impacts user trust and security posture. Privacy and cookie policies are well implemented with consent mechanisms, reflecting good compliance with GDPR requirements. Social media integration and partner links enhance the brand's digital ecosystem. Overall, Eti's website is professional and content-rich but requires urgent security improvements to meet modern standards.

W

Wittur Group

wittur.com

40

Wittur Group operates as a leading global supplier of elevator components, offering a broad portfolio including doors, cars, drives, safety devices, and modernization solutions. The company targets elevator manufacturers, suppliers, and service providers, positioning itself as a trusted B2B partner in the transportation sector. Their website reflects a mature digital presence with comprehensive product information, customer service tools, and compliance documentation. Technically, the site uses a modern tech stack including jQuery, Bootstrap, and analytics platforms like Google Analytics and Matomo. However, the absence of a valid SSL certificate and lack of security headers represent significant security weaknesses that could impact user trust and data protection. Privacy compliance is well addressed with clear cookie consent mechanisms and GDPR-aligned policies. Overall, the website is professional and content-rich but requires urgent security improvements to meet industry best practices.

A

AMES - Aerospace and Mechanical Engineering Services

ames.aero

19

AMES - Aerospace and Mechanical Engineering Services is a mature Austrian company specializing in aerospace engineering, certification, production, maintenance, CAMO, consulting, and training services. With a domain age of 17 years and multiple aerospace certifications, AMES positions itself as a reliable service provider in the aerospace transportation sector. The website reflects a professional business model targeting aerospace industry professionals and companies requiring specialized engineering and certification services. The company maintains a consistent brand presence with clear contact information and social media engagement. Technically, the website employs a variety of established JavaScript libraries and frameworks such as jQuery, Bootstrap, and Owl Carousel, indicating a moderate level of digital maturity. However, the site lacks HTTPS encryption and modern security configurations, which significantly impacts its security posture. Performance is rated slow due to missing SSL and potential optimization gaps, though mobile responsiveness and navigation clarity are good. Security evaluation reveals critical vulnerabilities including the absence of SSL/TLS, no HSTS, no DNSSEC, and missing security headers. These gaps expose the site to potential interception and downgrade attacks. The domain's imminent expiry in 11 days adds operational risk. Privacy compliance is minimal, with basic privacy and terms documents available but no cookie consent or incident response contacts. Overall, AMES demonstrates solid business credibility and content quality but requires urgent security improvements to protect its digital assets and customer trust. Strategic recommendations include immediate SSL implementation, enhanced domain protection, and adoption of security best practices to elevate the security score and compliance posture.

D

DAXNER GmbH

daxner.at

40

DAXNER GmbH is a medium-sized Austrian manufacturing company specializing in bulk material technology and engineering solutions for various industrial sectors including food, chemical, and non-food industries. The company has a strong market position as an internationally leading provider with a comprehensive portfolio of products and services such as engineering, production, assembly, and control technology. Their website reflects a professional and well-structured digital presence with excellent content quality and SEO optimization. Technically, the site is built on WordPress with modern plugins and scripts, but lacks a valid SSL certificate and proper HTTPS configuration, which is a significant security concern. Security headers are well implemented, but the absence of TLS protocols and session resumption reduces the overall security posture. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Contact information and social media presence enhance business credibility. Overall, the website is trustworthy and professional but requires urgent improvements in SSL/TLS security to protect user data and improve trust.

B

bluesource - mobile solutions gmbh

bluesource.at

23

bluesource - mobile solutions gmbh is a well-established Austrian company specializing in mobile app development and digital transformation services primarily for banking, retail, and industrial sectors. With over 20 years of experience, the company offers a comprehensive suite of services including app development, strategy and consulting, UX/UI design, accessibility, and data/AI solutions. Their market position is strong, supported by a portfolio of notable clients and an ISO 27001 certification that underscores their commitment to security and quality. The website is professionally designed, content-rich, and well-structured, targeting B2B clients seeking digital innovation. Technically, the site is built on WordPress with modern frontend libraries and integrates marketing tools such as HubSpot forms. However, the absence of a valid SSL certificate and HTTPS support is a critical security vulnerability that undermines the overall security posture. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. Social media presence and trust indicators further enhance business credibility.

M

Mondial GmbH & Co. KG

mondial-congress.com

37

Mondial GmbH & Co. KG is a medium-sized Austrian company specializing in congress and event management services, including green meetings, virtual events, and travel management. The company holds several industry certifications and maintains a multilingual, content-rich website targeting organizations seeking professional event solutions. Technically, the website is built on WordPress with modern libraries but lacks a valid SSL certificate, resulting in a critical security gap. The absence of HTTPS and security headers exposes users to risks and reduces trust. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site demonstrates good business credibility and content quality but requires urgent security improvements to meet modern standards.

A

AIM Group International

aimgroupinternational.com

35

AIM Group International is a medium-sized service provider specializing in event management, digital communication, and consultancy services primarily targeting companies and associations. The company offers a broad portfolio including conference management, virtual and hybrid events, healthcare meetings, digital marketing, and consultancy services. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the site is built on WordPress with modern libraries and plugins, hosted on Amazon AWS infrastructure. However, the website lacks a valid SSL certificate and does not support HTTPS, which significantly impacts its security posture. While cookie consent and privacy policies are implemented and GDPR compliant, the absence of HTTPS and security headers exposes the site to risks. Overall, the business appears legitimate and well-established with active social media presence and trust indicators such as an annual report and newsletter. Strategic improvements in security configuration are recommended to enhance trust and compliance.

Weatherford's PetroVisor website presents a mature and comprehensive SaaS platform focused on unifying data and analytics for the energy sector, specifically oil and gas production optimization. The platform integrates AI/ML capabilities and offers multiple modules addressing production, artificial lift, completion optimization, ESG, and enhanced oil recovery. The website is professionally designed, content-rich, and targets enterprise-level energy industry professionals. Technically, the site uses a modern tech stack including Kentico CMS, jQuery, and various analytics and marketing tools. However, a critical security gap exists as the site lacks a valid SSL certificate and does not serve content over HTTPS, exposing users to potential risks. Privacy and cookie policies are present and indicate GDPR compliance, but no explicit security incident response or vulnerability disclosure information is found. Overall, the domain registration data supports the legitimacy and maturity of the business. Strategic security improvements are necessary to enhance trust and protect user data.

A

ace Neue Informationstechnologien GmbH

ace.at

26

ace Neue Informationstechnologien GmbH is an established Austrian IT company with over 25 years of experience specializing in digital transformation solutions, including foundation management software, CRM based on Microsoft Dynamics 365, and business applications leveraging Microsoft Azure. Their market position is that of a trusted regional provider targeting foundations, public sector entities, and businesses seeking efficient CRM and digital solutions. The website reflects a professional and consistent brand image with clear service offerings and contact information. Technically, the site uses a modern frontend stack with SilverStripe CMS and popular JavaScript libraries, but lacks HTTPS, which is a critical security shortfall. The cookie consent mechanism and privacy policy indicate good GDPR compliance. Security posture is basic with no advanced headers or incident response information published. Overall, the site is functional and professional but requires urgent SSL implementation to improve security and trust.

Walstead Leykam Druck GmbH is a prominent European printing company specializing in roll offset printing with a strong market presence in Austria and neighboring countries. The company offers a wide range of print products and services, supported by a large workforce and significant annual revenue. The website is built on TYPO3 CMS and uses several JavaScript libraries for UI enhancements. However, the absence of a valid SSL certificate and HTTPS support significantly weakens the security posture. While security headers are properly configured, the lack of HTTPS and cookie consent mechanisms are notable compliance gaps. Business information is comprehensive and trustworthy, supported by multiple certifications and awards. Overall, the website provides good content and user experience but requires urgent security improvements.

Desmet is a well-established global engineering company specializing in custom plants and equipment for the food, feed, and biofuel industries. With a large workforce and multiple brands, it holds a strong market position supported by extensive experience and a professional digital presence. The website is content-rich, well-structured, and uses modern technologies, but critically lacks HTTPS/SSL, which severely impacts its security posture. While security headers are implemented, the absence of valid SSL/TLS and related configurations exposes the site to risks. Privacy compliance is partially addressed with visible privacy and cookie policies, but no explicit consent mechanism is detected. Business credibility is high due to clear branding, contact information, and WHOIS consistency. Strategic improvements in security infrastructure and incident response readiness are recommended.

Greiner AG is a well-established Austrian enterprise specializing in manufacturing plastic and foam solutions with a global market presence. The company operates through three main subsidiaries: Greiner Bio-One, Greiner Packaging, and NEVEON, serving diverse industries including packaging, medical technology, automotive, and furniture. The website reflects a professional and comprehensive digital presence with detailed business descriptions, press releases, and social media integration. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries, but suffers from a critical lack of HTTPS due to an invalid or missing SSL certificate, which significantly impacts its security posture. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. Overall, the site demonstrates strong business credibility but requires urgent security improvements to protect user data and enhance trust.

B

Braintrust

braintrustlv.com

36

Braintrust is a minority-owned integrated marketing and creative agency with a 17-year track record, offering services including branding strategy, creative development, digital marketing, web development, social media, and public relations. The company targets businesses seeking comprehensive marketing solutions and operates offices in multiple US cities. The website reflects a professional and consistent brand image with rich multimedia content and clear navigation. Technically, the site is built on WordPress, hosted on WP Engine with Cloudflare CDN, and uses modern JavaScript libraries and SEO plugins. However, the absence of a valid SSL certificate and HTTPS support is a critical security flaw that undermines user trust and data protection. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site demonstrates good business credibility but requires urgent security improvements.

F

Film Independent

filmindependent.org

39

Film Independent is a well-established non-profit arts organization dedicated to championing independent filmmakers. The website serves as a comprehensive platform offering information on events, awards, educational programs, and resources tailored to filmmakers and the arts community. The organization has a mature online presence with a domain age of 20 years, reflecting its longstanding role in the independent film sector. The site targets independent filmmakers and film enthusiasts, providing memberships, donations, and community engagement opportunities.

H

Hotel Pfefferkorn

pfefferkorns.net

25

Hotel Pfefferkorn is a luxury hospitality provider located in Lech am Arlberg, Austria, offering premium accommodations, wellness, and dining experiences. The business is well positioned in the alpine tourism market with recognized culinary certifications such as Michelin, Falstaff, and Gault Millau. The website is professionally designed using WordPress with multilingual support and SEO optimization. However, the absence of a valid SSL certificate and HTTPS implementation represents a critical security vulnerability that undermines user trust and data protection. Cookie consent mechanisms and a comprehensive privacy policy demonstrate good privacy compliance. Contact information is clearly presented, supporting business credibility. Overall, the site reflects a mature hospitality business with room for improvement in security infrastructure.

A

American Superconductor

amsc.com

40

American Superconductor (AMSC) is a medium-sized US-based technology company specializing in advanced power electronics and superconductor systems that support smarter, cleaner energy solutions globally. The company serves energy utilities, renewable energy developers, and marine power sectors, positioning itself as a key player in the energy technology market with NASDAQ listing and a global footprint. The website reflects a professional digital presence with clear business descriptions, investor relations, and product offerings focused on grid and renewable energy solutions. Technically, the site is built on WordPress with modern JavaScript libraries and frameworks, hosted on Pantheon, and optimized for mobile users. However, performance is moderate and accessibility is basic. Security posture is weak due to the absence of a valid SSL certificate and lack of HTTPS, exposing the site to risks and reducing trust. Privacy compliance is well addressed with comprehensive privacy and cookie policies. Overall, the site is credible but requires urgent security improvements to protect users and enhance trust.

D

Das Österreichische Patentamt

patentamt.at

40

Das Österreichische Patentamt is the central government authority in Austria responsible for intellectual property rights including patents, trademarks, and designs. The website serves as an information and service hub offering online filing, advisory services, and educational programs such as the IP Academy. The organization holds ISO 9001 and ISO 27001 certifications, reinforcing its commitment to quality and information security. The site targets a broad audience including inventors, businesses, startups, legal professionals, and students. Technically, the website is built on TYPO3 CMS with modern frontend libraries and frameworks, providing a professional and accessible user experience. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap that undermines user trust and data protection. Security headers are well implemented but cannot compensate for the lack of encryption. Privacy compliance is strong with comprehensive cookie consent mechanisms and GDPR-aligned policies. Overall, the site is authoritative and trustworthy but requires urgent improvements in SSL/TLS deployment to enhance security posture.

N

Nestec Scharf IT-Solutions OG

nestec.at

35

Nestec Scharf IT-Solutions OG operates as an Austrian IT security and messaging distributor with a strong emphasis on sustainability, fair partnerships, and regional focus. The company offers a broad portfolio of cybersecurity and IT solutions targeting MSPs and IT resellers primarily in Austria and Europe. Their business model centers on value-added distribution, partner support, and personalized service. Technically, the website runs on legacy Microsoft IIS 7.5 with ASP.NET 4.0 and uses common JavaScript libraries such as jQuery and Bootstrap. However, the site lacks HTTPS, modern TLS support, and critical security headers, exposing it to security risks. The absence of cookie consent mechanisms and limited privacy compliance indicators suggest room for improvement in regulatory adherence. Overall, the website is functional and content-rich but requires urgent security upgrades to protect users and improve trust.

E

Energie AG

energieag.at

40

Energie AG is a well-established regional energy provider in Upper Austria, offering a broad range of services including electricity, gas, internet, photovoltaic solutions, and electromobility products. The company positions itself as a modern and reliable energy supplier with a strong focus on customer service and sustainability. Their website reflects a mature digital presence with comprehensive content and professional design, targeting both private and business customers. Technically, the site uses a modern technology stack with various JavaScript libraries and integrates multiple analytics and marketing tools. However, a critical security issue is the absence of a valid SSL certificate and HTTPS support, which significantly impacts the site's security posture. Despite this, the site implements several security headers and privacy policies that comply with GDPR requirements. Overall, the business appears legitimate and trustworthy, but urgent improvements in SSL/TLS configuration are necessary to enhance security and user trust.

The website alu.hr represents the Akademija likovnih umjetnosti, an established fine arts academy affiliated with the University of Zagreb in Croatia. It serves students, faculty, and visitors by providing academic information, event announcements, and cultural project details. The institution is mature with a domain age of 22 years and a consistent registration profile. Technically, the site runs on Apache with Ubuntu, uses CMS Contenido 4.8, and includes older JavaScript libraries such as jQuery 1.9.0. However, the website suffers from outdated technology and lacks modern performance and accessibility optimizations. Security posture is weak due to the absence of a valid SSL certificate and proper HTTPS configuration, exposing users to risks. Privacy compliance is minimal, with no visible privacy or cookie policies, and no contact information is explicitly provided on the homepage. Overall, the site is functional but requires significant improvements in security, privacy, and technical modernization to meet current standards.

E

EXIAS Medical GmbH

exias-medical.com

39

EXIAS Medical GmbH is a specialized healthcare company founded in 2014, focusing on the development and distribution of analyzers for point-of-care and laboratory applications. The company maintains a professional online presence with detailed product information and a clear business model targeting healthcare professionals and laboratories. Technically, the website is built on WordPress with modern plugins and SEO optimizations, though it suffers from a critical lack of HTTPS, which undermines security. Privacy compliance is strong, with GDPR-aligned cookie consent and a comprehensive privacy policy. The security posture is weak due to missing SSL/TLS and modern security headers, posing risks to user data and trust. Overall, the website is credible and well-structured but requires urgent security improvements to protect visitors and enhance trust.