Security Directory

K

KAEFER

kaeferblu.com

35

KAEFERblu is a technology-driven service provider specializing in Corrosion Under Insulation (CUI) management and predictive maintenance solutions. Leveraging KAEFER’s extensive industry experience, the company offers sensor-based real-time monitoring and innovative robotic installation solutions to improve safety, reduce costs, and enhance sustainability in the energy sector. The website reflects a modern digital presence with interactive animations and video content aimed at industrial clients seeking advanced CUI solutions. Technically, the site is built on WordPress with popular plugins and libraries, but lacks a valid SSL certificate, which critically undermines its security posture. Privacy and cookie policies are present but basic, and contact information is limited to social media and a newsletter form, with no direct company emails or phone numbers visible. Overall, the site demonstrates good content quality and SEO practices but requires urgent security improvements to protect user data and build trust.

.

.kloos digital GmbH

kloos.de

40

The website represents .kloos digital GmbH, a specialized digital marketing and SEO agency based in Vienna, Austria. The company offers a comprehensive suite of services including SEO, Google Ads, analytics, content marketing, social media marketing, web design, WordPress development, and professional workshops. Positioned as a leading SEO agency in Vienna, it targets businesses seeking to improve their online presence and marketing effectiveness. The website is professionally designed, well-structured, and optimized for SEO and user experience, reflecting a mature digital presence. Technically, the site is built on WordPress with modern technologies such as jQuery, Yoast SEO, and Borlabs Cookie for consent management. Hosting is provided by kasserver.com, and the site supports modern TLS protocols with a valid SSL certificate. Performance is fast, mobile optimization is good, and accessibility features are present. Analytics are implemented via Google Analytics and Matomo Tag Manager, with a clear cookie consent mechanism ensuring GDPR compliance. From a security perspective, the site uses HTTPS with TLS 1.2 and 1.3, includes some security headers, and employs a robust cookie consent framework. However, improvements are recommended such as enabling full HSTS, adding additional security headers, and implementing OCSP stapling. No critical vulnerabilities or exposed sensitive data were detected. The domain registration is consistent with the business claims, and no privacy protection or suspicious WHOIS patterns were found, indicating a trustworthy and legitimate operation. Overall, the website demonstrates a high level of professionalism, technical maturity, and compliance with privacy regulations. It effectively supports the business model of a digital marketing agency and provides clear contact channels and trust signals. Strategic recommendations include enhancing security headers and publishing a formal security policy to further strengthen trust and compliance.

C

Canal+ Luxembourg S. à r.l.

hdaustria.at

76

CANAL+ Austria operates as a subscription-based streaming service offering a wide range of TV channels, movies, series, and live sports events targeted at Austrian consumers. The website is professionally designed with consistent branding and clear navigation, supporting multiple platforms including smart TVs and mobile devices. The technical infrastructure leverages ASP.NET, Umbraco CMS, Vue.js, and integrates third-party services such as Algolia for search and Google Analytics for tracking. The site is hosted behind Cloudflare with a valid Extended Validation SSL certificate, ensuring encrypted communications. However, the absence of modern TLS protocols and incomplete security header configurations represent areas for improvement. Privacy compliance is partially met with a comprehensive privacy policy and terms of service, but lacks a visible cookie consent mechanism. Business credibility is strong with transparent domain registration and clear contact information. Overall, the site presents a solid digital presence with room to enhance security and privacy practices.

N

Net Patrol Italia srl

acaraweb.it

38

Net Patrol Italia srl operates a specialized whistleblowing platform called Acara, designed to support companies in compliance with European privacy and whistleblowing regulations. The platform emphasizes privacy by design, allowing anonymous or identified reporting, and aligns with ISO 37001:2016 anti-corruption standards. The website is built on WordPress with Elementor and uses modern SEO tools like Yoast. However, a critical security gap is the absence of a valid SSL certificate, leaving the site without HTTPS protection. Security headers are partially implemented, but the lack of TLS protocols and DNS security features reduces the overall security posture. Contact information and privacy policies are clearly presented, supporting GDPR compliance. The company maintains a moderate digital maturity with room for improvement in security and technical infrastructure.

S

SUPPLYGROUP, SAS

supplygroup.fr

37

SupplyGroup is a French medium-sized company specializing in supply chain, logistics, and business development solutions leveraging Big Data and artificial intelligence. Their offerings include software platforms for order management, shipment tracking, warehousing, data management, and quality control, targeting businesses from startups to large groups. The website is built on WordPress with integrations such as Google Tag Manager and reCAPTCHA, indicating a moderate level of digital maturity. However, the technical infrastructure shows weaknesses, notably the absence of a valid SSL certificate and lack of HTTPS support, which significantly impacts security posture. The site provides comprehensive legal and privacy information in French, including a named Data Protection Officer, but lacks a cookie policy and consent mechanism. Overall, the business credibility is strong with clear company registration details and contact information, but security improvements are critical to protect user data and enhance trust.

L

LKW WALTER Internationale Transportorganisation AG

lkw-walter.com

66

LKW WALTER is a well-established European transport organization specializing in full truck load logistics across Europe and neighboring regions such as Russia, Central Asia, the Middle East, and North Africa. The company operates under the WALTER GROUP umbrella and targets businesses requiring reliable and extensive transport services. The website reflects a professional and consistent brand presence with multilingual support for various countries, indicating a broad international market reach. Technically, the website employs modern JavaScript modules, integrates Google Tag Manager, OneTrust for cookie consent, and is hosted on Cloudflare, ensuring fast performance and good mobile optimization. The site uses multiple analytics and marketing tools, including Google Analytics, Hotjar, and Smartsupp chat, with a clear consent mechanism in place, supporting GDPR compliance. From a security perspective, the site enforces HTTPS with a valid GeoTrust certificate and implements several security headers such as Content-Security-Policy and X-Frame-Options. However, it lacks support for modern TLS protocols (TLS 1.2/1.3), OCSP stapling, and full HSTS enforcement, which are recommended to enhance transport security. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website presents a low-risk profile with good privacy compliance and business credibility. Strategic improvements in SSL/TLS configuration and enhanced security policies would further strengthen the security posture and trustworthiness.

B

Boston Scientific Corporation

intracept.com

40

The website intracept.com represents the Intracept Procedure by Relievant, a medical treatment for chronic low back pain, supported by clinical evidence and patient testimonials. It is owned by Boston Scientific Corporation, a large healthcare company. The site targets patients and healthcare professionals, providing educational content and resources about the procedure. Technically, the site is built on WordPress with the Divi theme, hosted on WP Engine and served via Cloudflare CDN. It uses modern web technologies and includes tracking tools like Google Tag Manager and Facebook Pixel. However, the site currently lacks a valid SSL certificate, which is a critical security issue. Privacy policies and terms of service are present and comprehensive, but no cookie consent mechanism is detected. Overall, the site is professional and trustworthy but requires urgent security improvements to enable HTTPS and enhance user data protection.

M

Murex

murex.com

40

Murex is a leading provider of capital markets technology solutions, offering an integrated platform (MX.3) that supports trading, treasury, risk, and post-trade operations. The company serves a broad range of financial services clients globally, including banks, investment managers, and corporates. Their business model focuses on enterprise software and managed services, with a strong emphasis on regulatory compliance and risk management. The website reflects a mature digital presence with comprehensive content, strong branding, and extensive use of modern marketing and analytics technologies. However, a critical security gap exists due to the absence of HTTPS, which undermines the security posture despite well-implemented security headers. Privacy policies and cookie consent mechanisms are present and GDPR compliant. Overall, the site demonstrates high professionalism and trustworthiness but urgently requires SSL/TLS implementation to secure user data and communications.

I

ITRS Group

itrsgroup.com

40

ITRS Group is a leading provider of AI-powered real-time monitoring and observability solutions tailored for demanding and regulated industries such as finance and investment banking. The company is recognized as a visionary in the digital experience monitoring space, serving top-tier investment banks and thousands of customers worldwide. Their platform focuses on preventing system outages, enhancing performance, and enabling continuous innovation through intelligent observability and digital experience monitoring. Technically, the website is built on Drupal 10 and leverages a modern technology stack including Google Tag Manager, Zendesk, Uptrends, and Cloudflare, hosted on AWS infrastructure. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance metrics indicate moderate speed. Security headers are well implemented, but the SSL configuration is currently invalid, lacking proper TLS protocol support and OCSP stapling, which poses a significant security risk. From a security perspective, while the site employs several best practices such as Content Security Policy and X-Frame-Options, the absence of a valid SSL certificate and disabled TLS protocols significantly reduce the security posture. No critical vulnerabilities like exposed credentials or malware were detected, but improvements in SSL configuration and session management are recommended. Overall, the website presents a professional and trustworthy image with comprehensive privacy and cookie policies, clear contact information, and strong business credibility. The domain registration details align with the company's UK-based operations, supporting its legitimacy. Strategic recommendations include immediate SSL renewal and configuration, enhanced security monitoring, and continued compliance with privacy regulations.

F

Fenergo

fenergo.com

40

Fenergo is a medium-sized SaaS financial technology company founded in 2009, specializing in client lifecycle management (CLM) and regulatory compliance solutions for banking and financial institutions. The company offers a comprehensive suite of services including KYC, client onboarding, transaction monitoring, and regulatory compliance, supported by AI-powered technologies such as FinCrime OS and Agentic AI. Fenergo is recognized as a market leader in its sector, with strong client endorsements and multiple industry awards. Technically, the website is built on Webflow and leverages modern JavaScript libraries and Cloudflare CDN for delivery, with good mobile optimization and SEO practices. However, the site currently lacks a valid SSL certificate and modern TLS support, which is a critical security concern. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanisms. Overall, the business demonstrates strong credibility and trustworthiness, but the security posture requires urgent improvement to protect user data and maintain compliance.

M

M3 PARK SERVICE Szolgáltató és Üzemeltető Korlátolt Felelősségű Társaság

m3outlet.hu

19

M3 Outlet is a retail outlet shopping center located in Polgár, Hungary, offering over 100 fashion brands with discounts ranging from 30% to 70%. The website targets regional shoppers interested in branded fashion products and provides multilingual support including Hungarian, English, Romanian, and Slovak. Key services include retail shopping, promotions, customer amenities such as free wifi, and tourism-related offerings like tax-free shopping. The business operates under M3 PARK SERVICE Kft., positioning itself as a significant regional outlet center with a medium-sized footprint. Technically, the website is built on Concrete CMS 9.3.2 and utilizes modern frontend technologies such as jQuery, Bootstrap 5, and Owl Carousel. Google Tag Manager is used for analytics and marketing tracking. However, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical security deficiency. Performance data is missing, but inferred to be slow. Mobile optimization and SEO are good, but accessibility is basic. Security posture is weak due to the absence of HTTPS, lack of HSTS, and missing advanced security headers. No explicit privacy or cookie consent mechanisms are implemented, and no security or incident response policies are visible. Contact information is clearly provided, enhancing business credibility. Overall, the site is functional and professionally designed but requires urgent security improvements, especially SSL/TLS configuration, to protect user data and improve trust. Implementing privacy compliance features and enhancing security headers would further strengthen the security posture.

Designer Outlet Luxembourg operates a retail outlet shopping center featuring over 60 major brands offering discounts year-round. The website presents a professional and consistent brand image targeting shoppers in Luxembourg and nearby regions. The technical infrastructure is based on TYPO3 CMS hosted on Apache servers with integration of modern marketing and analytics tools such as Google Analytics, Google Tag Manager, and Cookiebot for GDPR compliance. Security posture is adequate with a valid SSL certificate but lacks modern TLS protocol support and some advanced security headers. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Contact information and social media presence enhance business credibility. Overall, the website is functional, secure, and compliant with relevant regulations, supporting the business's retail operations effectively.

W

webcapital

quli.nl

40

Quli.nl is a Dutch digital health platform offering a Personal Health Environment (PGO) that centralizes users' healthcare data, enabling better management and communication with healthcare providers. The platform targets patients, caregivers, healthcare organizations, and patient groups, positioning itself as a leader in digital accessibility and personal health data management in the Netherlands. The website is built on WordPress with modern web technologies and integrates Google Analytics and Tag Manager for analytics and marketing purposes. Security headers are properly configured; however, the absence of a valid SSL certificate and HTTPS implementation is a critical vulnerability that significantly impacts the site's security posture. Privacy policies and cookie consent mechanisms are well implemented and GDPR compliant. Overall, the site demonstrates good content quality and business credibility but requires urgent improvements in SSL/TLS configuration to ensure secure user interactions.

C

ConSol Consulting & Solutions Software GmbH

consol.com

75

ConSol Consulting & Solutions Software GmbH is a medium-sized, owner-managed IT service provider founded in 1984 in Germany. The company specializes in delivering customized IT solutions, supporting clients throughout the entire software lifecycle with a focus on agility, innovation, and technical excellence. Their offerings include IT consulting, software engineering, cloud and platform engineering, AI, automation, and product solutions based on open-source technologies. The company maintains strong partnerships with industry leaders such as Red Hat, AWS, SUSE, and others, reinforcing its market position. Technically, the website is built on TYPO3 CMS with modern front-end frameworks like Bootstrap and utilizes various JavaScript libraries for enhanced user experience. Analytics are implemented via Matomo and Google Tag Manager, with a comprehensive cookie consent mechanism ensuring GDPR compliance. The site is well-optimized for performance, mobile responsiveness, and accessibility. From a security perspective, the site uses HTTPS with a valid SSL certificate but lacks modern TLS protocol support and full HSTS implementation. Security headers are present but could be enhanced. No critical vulnerabilities or exposures were detected. The company demonstrates compliance with data protection regulations, supported by ISO 9001 and ISO 27001 certifications. Overall, ConSol presents a professional, trustworthy, and technically mature online presence with strong business credibility and a good security posture. Strategic improvements in SSL/TLS configuration and security header enhancements are recommended to further strengthen their security stance.

N

Netz Burgenland GmbH

netzburgenland.at

35

Netz Burgenland GmbH operates as a regional energy network operator in Burgenland, Austria, providing reliable electricity and gas distribution services. The company emphasizes customer service and offers a range of services including smart metering, energy communities, and infrastructure support. The website reflects a professional and well-structured digital presence, leveraging modern technologies such as Next.js and React, hosted on AWS infrastructure. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, resulting in no HTTPS support, which significantly impacts the site's security posture. While contact information and business legitimacy are clearly established, privacy compliance could be improved by implementing cookie consent mechanisms and publishing security policies. Overall, the site is content-rich and trustworthy but requires urgent security enhancements to protect user data and maintain trust.

S

SONNENABO

sonnenabo.at

39

SonnenAbo is a regional energy service provider based in Austria offering local solar power subscriptions through community photovoltaic parks. The business model focuses on enabling residents to access renewable energy without upfront investment, promoting sustainability and energy community membership. The website is professionally designed using modern web technologies such as Next.js and hosted on AWS infrastructure. However, the site lacks a valid SSL certificate and does not enforce HTTPS, which is a critical security vulnerability. Additionally, no cookie consent mechanism is present despite the use of Google Tag Manager, indicating partial privacy compliance. Contact information is available primarily as a physical address and contact page, but no direct emails or phone numbers are exposed. Overall, the website demonstrates moderate digital maturity but requires urgent security improvements to protect user data and enhance trust.

F

Fanclub Burgenland Energieunabhängig

fcbe.at

38

Fanclub Burgenland Energieunabhängig is a regional energy community initiative based in Burgenland, Austria, focused on promoting renewable energy usage through wind and solar power. The organization offers membership benefits including access to renewable energy at attractive prices, participation in regional energy projects, and digital services to support energy independence. The website is well-designed, content-rich, and targets residents, businesses, and municipalities interested in sustainable energy solutions. Technically, the site uses modern web frameworks such as Next.js and is hosted on AWS infrastructure, but suffers from a critical security shortfall due to the absence of a valid SSL certificate and HTTPS support. Privacy compliance is strong with a comprehensive GDPR-aligned privacy policy and explicit data processing consents in forms. Contact information is clearly provided, enhancing business credibility. However, the lack of cookie consent mechanisms and security headers reduces the overall security posture. Strategic improvements in SSL deployment and security best practices are recommended to enhance trust and compliance.

S

Storebrand

storebrand.se

38

Storebrand is a well-established Nordic financial services group specializing in pensions, insurance, and asset management. With a history dating back to 1767 and assets under management exceeding 1,400 billion NOK, it holds a leading market position in Norway and the broader Nordic region. The website reflects a mature business with clear branding, comprehensive service offerings, and a focus on sustainability. Technically, the site uses modern frameworks such as Blazor and integrates with Salesforce and various analytics and marketing tools, indicating a high level of digital maturity. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts the site's security posture. Privacy compliance is strong, with clear cookie and privacy policies and consent mechanisms in place. Overall, the site is professional and trustworthy but requires urgent security improvements to protect user data and maintain trust.

T

The AES Corporation

aesdominicana.com

40

AES Dominicana is a regional subsidiary of The AES Corporation, focused on accelerating the future of energy through sustainable and innovative solutions in the Dominican Republic. The website presents a professional corporate image with comprehensive content about their products, sustainability initiatives, community partnerships, and investor relations. Technically, the site is built on Drupal 10 with modern frontend libraries and integrates multiple analytics and marketing tools. However, a critical security issue is the absence of a valid SSL certificate and HTTPS, which severely impacts the security posture. The site implements strong security headers and content security policies but lacks advanced SSL/TLS configurations and DNS security features. Privacy and cookie policies are present and indicate GDPR compliance. Overall, the site is credible and professionally maintained but requires urgent security improvements to protect user data and trust.

M

MSD Tiergesundheit Österreich

msd-tiergesundheit.at

40

MSD Tiergesundheit Österreich operates as a prominent veterinary pharmaceutical provider in Austria, offering a broad range of veterinary medicines and vaccines. The website serves multiple target audiences including veterinarians and animal owners, providing product information, news, and educational resources. The business is part of the global Merck & Co., Inc. group, indicating a strong market position and established brand presence. The site features professional design, consistent branding, and comprehensive content tailored to the veterinary healthcare sector. Technically, the website is built on WordPress VIP with modern SEO and analytics integrations, but suffers from critical SSL/TLS deficiencies that undermine security and trust. Security headers are well implemented, but the absence of a valid SSL certificate and HTTPS support is a major vulnerability. Privacy compliance is well addressed with clear cookie consent mechanisms and a comprehensive privacy policy. Overall, the site demonstrates good digital maturity but requires urgent security improvements to protect user data and maintain credibility.

L

LexisNexis

compliance-praxis.at

35

Compliance Praxis is Austria's largest compliance network providing comprehensive information media, partner networks, and events to support professionals in the expanding field of compliance. The website is professionally designed, content-rich, and targets compliance officers, legal experts, and organizations interested in compliance and ESG topics within Austria. Technically, the site runs on Gentics CMS with nginx server and integrates modern marketing and analytics tools such as Google Tag Manager and Mailchimp. However, the absence of a valid SSL certificate and HTTPS configuration represents a significant security vulnerability. Privacy and cookie policies are well implemented and GDPR compliant. Overall, the site demonstrates strong business credibility and content quality but requires urgent security improvements to protect user data and trust.

H

HUMANIC

humanic.net

64

HUMANIC is a well-established shoe retailer and manufacturer with over 150 years of history, operating both physical stores and online shops across multiple Central and Eastern European countries. The company offers a broad range of footwear and accessories targeting consumers seeking quality and variety. Their market position is strong, especially in Austria, with a recognized brand and customer loyalty programs. Technically, the website is built on SAP Commerce (Hybris) platform, leveraging modern marketing and analytics tools such as Google Analytics, Dynamic Yield, and Usercentrics for consent management. The site is hosted behind Cloudflare, ensuring basic security and performance benefits. Security posture is adequate with HTTPS enforced and several security headers present, although TLS protocols are outdated and some security enhancements like HSTS preload and OCSP stapling are missing. Privacy compliance is addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website is professional, trustworthy, and functional, with room for technical and security improvements.

M

Mediaprint Zeitungs- und Zeitschriftenverlag Gesellschaft m.b.H. & Co KG

mediaprint.at

38

Mediaprint Zeitungs- und Zeitschriftenverlag Gesellschaft m.b.H. & Co KG is a leading Austrian media company operating prominent brands such as Kronen Zeitung and KURIER. The company offers a broad range of media-related services including corporate publishing, printing, logistics, marketing, and subscription management, positioning itself as a market leader in Austria's media sector. The website reflects a professional and consistent brand image targeting both consumers and business clients within Austria. Technically, the site employs modern frontend technologies such as Bootstrap, jQuery, FontAwesome Pro, and integrates Google Tag Manager and Didomi for analytics and consent management. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap that undermines user trust and data protection. Privacy and cookie policies are well implemented with consent mechanisms, aligning with GDPR requirements. Overall, the site demonstrates good content quality and business credibility but requires urgent security improvements to meet modern standards.

R

RE.COMM

recomm.eu

27

RE.COMM operates a professional real estate leaders summit event in Austria, targeting top managers and decision makers in the real estate sector. The website serves as an information and registration platform for the annual summit scheduled for November 2025. The company positions itself as a leading think tank and networking forum within the real estate industry. Technically, the website is built on WordPress with Elementor and several plugins for SEO, multilingual support, and GDPR compliance. However, the site suffers from critical security issues including an invalid or missing SSL certificate and lack of HTTPS enforcement, which significantly impacts user trust and security posture. The DNS configuration appears incomplete or misconfigured, lacking essential A/AAAA records and DNSSEC, which raises concerns about domain management. Privacy and cookie policies are well implemented, and social media presence is active. Overall, the site is professionally designed but requires urgent technical and security improvements to ensure trustworthiness and compliance.

T

TBWA

tbwacannes.com

40

TBWA at Cannes is a professionally designed website serving as a showcase for the global TBWA Collective's creative work at the Cannes Lions Festival of Creativity. The site features a broad portfolio of advertising campaigns from various TBWA offices worldwide, targeting advertising professionals and festival attendees. Technically, the site is built on WordPress, hosted on WP Engine with Cloudflare CDN, and uses modern marketing and analytics tools such as Google Analytics, Google Tag Manager, and OneTrust for cookie consent. However, the site suffers from a critical security issue due to the absence of a valid SSL certificate and HTTPS support, which significantly undermines its security posture. Additionally, the lack of DNS records is unusual and may indicate configuration issues. Privacy compliance is partially addressed through cookie consent, but no privacy policy or terms of service pages were found. Overall, the site demonstrates strong business credibility and content quality but requires urgent security improvements.

RCSRD d.o.o. is a Serbia-based technology company specializing in open-source software solutions, technical support, development, and education. Founded in 2007 through partnerships with industry leaders such as Red Hat and IBM, RCSRD serves a broad Southeast European market with enterprise-grade open-source products and services. The company maintains a medium-sized international team and subsidiaries in Vienna and Katowice, positioning itself as a regional leader in open-source innovation. Technically, the website is built on the Bitrix CMS platform, utilizing modern web technologies including jQuery, Bootstrap, and OwlCarousel. Google Tag Manager is employed for analytics and tracking. The site is mobile-optimized with good navigation and professional design, though accessibility and SEO optimizations are basic. Performance metrics are unavailable. From a security perspective, the website lacks HTTPS and SSL/TLS encryption, representing a critical vulnerability. While some security headers are present, the absence of encryption and modern TLS protocols significantly reduces the security posture. No privacy or cookie policies are found, indicating compliance gaps with GDPR and related regulations. Contact information is clearly provided, enhancing business credibility. Overall, the website demonstrates solid business credibility and content quality but suffers from critical security and privacy compliance issues. Strategic improvements in SSL implementation, privacy policy publication, and security best practices are recommended to enhance trust and protect user data.

cotac group operates as a medium-sized transportation service provider specializing in tank container services including cleaning, heating, repair, modifications, and depot management. The company maintains a professional online presence with a well-structured website powered by TYPO3 CMS, targeting businesses requiring specialized tank container logistics and maintenance. The website is designed responsively and includes a cookie consent mechanism via Usercentrics, indicating attention to privacy compliance. Technically, the site uses Apache on Debian with a valid SSL certificate, though TLS protocols are outdated and some security headers could be better configured. No direct contact emails or phone numbers are provided, relying on contact forms for communication. The security posture is moderate with room for improvement in TLS support and incident response transparency. Overall, the website reflects a legitimate and professional business with a moderate risk profile and good digital maturity.

P

Pizzeria Uno Corporation

pizzeriaunodue.com

28

Pizzeria Uno Corporation operates a well-established restaurant brand known for inventing the Chicago Style Deep Dish Pizza in 1943. The website promotes their core business of pizza restaurants along with catering, group events, cooking classes, and fundraising activities. The brand has a strong market position with a legacy appeal and multiple service offerings targeting pizza enthusiasts and event organizers. Technically, the website uses a modern frontend stack including Bootstrap and jQuery, with embedded analytics and accessibility tools. However, the site lacks a valid SSL certificate and HTTPS configuration, which is a critical security flaw. The absence of cookie consent mechanisms and security headers further reduces the security posture. Overall, the business credibility is high due to consistent branding, clear contact information, and social media presence, but the security and privacy compliance need urgent improvement.

G

Geoquest Group

terre-armee.com

40

Geoquest Group is a globally recognized leader in geotechnical engineering, specializing in reinforced earth structures and soil-structure interaction solutions. With a presence in 80 countries and a history spanning over 60 years, the company offers a broad portfolio of engineering services and products tailored to infrastructure, hydraulic, industrial, and urban development sectors. The website reflects a mature business with comprehensive content, professional design, and a strong international network supported by its parent company, Soletanche Freyssinet. Technically, the website is built on a modern WordPress platform using advanced plugins and frameworks such as Avada Fusion Builder and Slider Revolution. It employs analytics tools like Google Tag Manager and Matomo for user tracking and performance insights. However, the site lacks a valid SSL certificate and proper HTTPS configuration, which significantly impacts its security posture. Security-wise, while several HTTP security headers are implemented, the absence of a valid SSL certificate and disabled TLS protocols present critical vulnerabilities. The site does implement GDPR-compliant cookie consent mechanisms and maintains comprehensive privacy and legal policies, indicating good privacy compliance. Overall, the website is professional and content-rich but requires urgent improvements in SSL/TLS configuration to enhance security and trustworthiness. Strategic recommendations include installing a valid SSL certificate, enabling modern TLS protocols, and enhancing HSTS policies to protect users and improve compliance.

2

20i Ltd.

20i.com

40

20i Ltd. is a UK-based technology company specializing in high-performance web hosting services including reseller hosting, managed cloud hosting, managed WordPress hosting, VPS, and domain registration. The company positions itself as a premium hosting provider with a focus on speed, reliability, and expert 24/7 support, supported by multiple industry awards and positive customer testimonials. Their technical infrastructure leverages modern cloud platforms such as AWS, Google Cloud, and their proprietary 20iCloud, utilizing advanced technologies like Redis, ElasticSearch, and autoscaling to deliver high availability and performance. The website is built on modern frameworks including Nuxt.js and Vue.js, with a responsive design and good SEO practices. However, the security posture is weakened by the absence of a valid SSL certificate and lack of HTTPS, which is a critical issue. While security headers and content security policies are in place, the lack of proper SSL/TLS configuration significantly impacts the overall security score. The company provides comprehensive contact information, including email, phone, and physical address, and maintains a strong social media presence. Strategic recommendations include immediate implementation of valid SSL certificates, enabling modern TLS protocols, and enhancing privacy compliance mechanisms. Overall, 20i presents a professional and trustworthy web hosting service with room for critical security improvements.

A

APRO Kassensysteme

apro.at

34

APRO Kassensysteme is a medium-sized Austrian company specializing in digital point-of-sale and hospitality solutions, targeting gastronomy businesses. The website presents a comprehensive product portfolio and detailed content aimed at B2B customers in the hospitality sector. Technically, the site uses a custom or proprietary CMS with modern JavaScript libraries and integrates multiple analytics and marketing tools. However, the absence of a valid SSL certificate and HTTPS support critically undermines the security posture, exposing visitors to risks and reducing trust. Privacy compliance is well addressed with a detailed cookie consent mechanism and GDPR-aligned policies. The WHOIS data confirms domain legitimacy and consistency with the business claims. Strategic improvements in SSL deployment and security hardening are essential to elevate trust and compliance.

T

Translation Standards

translationstandards.net

40

Translation Standards is a small Austrian-based service provider specializing in certification and assessment services for translation, interpretation, and localization providers. The company offers ISO certification audits aligned with multiple ISO standards relevant to language services, positioning itself as a niche player in quality assurance within the language industry. The website is built on WordPress, hosted by Hostinger, and uses modern SEO and marketing tools such as Yoast SEO and Google Tag Manager. However, the absence of a valid SSL certificate significantly impacts the security posture, exposing users to risks associated with unencrypted traffic. While the site provides clear contact information and trust signals like testimonials and case studies, it lacks cookie and terms of service policies, which are important for privacy compliance. Overall, the website demonstrates moderate digital maturity but requires urgent improvements in security to enhance trust and compliance.

S

Soletanche Freyssinet

activskeen.com

40

Soletanche Freyssinet is a global leader in specialty construction and engineering, focusing on soil, structural, and nuclear sectors. The company operates through six subsidiary brands, delivering technical excellence and sustainable solutions. The website reflects a mature digital presence with comprehensive content, strong branding, and active social media engagement. Technically, the site is built on WordPress with modern plugins for SEO, GDPR compliance, and performance optimization. However, the security posture is weakened by the absence of a valid SSL certificate and lack of HTTPS enforcement, which poses significant risks. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is professional and trustworthy but requires urgent security improvements to protect user data and maintain credibility.

E

Evelyn Partners Investment Management Services Limited

bestinvest.co.uk

40

Bestinvest is a well-established UK-based online investment platform offering a wide range of tax-efficient investment accounts including ISAs, SIPPs, and Junior ISAs. The company emphasizes free expert coaching, smart planning tools, and competitive pricing to help clients achieve their financial goals. The platform is supported by a mature technical infrastructure leveraging modern web technologies such as React and Next.js, hosted on Microsoft Azure, ensuring good performance and mobile optimization. However, the site currently suffers from critical SSL certificate issues and lacks support for modern TLS protocols, which significantly impacts its security posture. Privacy and cookie policies are comprehensive and indicate compliance with GDPR regulations. The business demonstrates strong credibility with FCA regulation, numerous awards, and positive Trustpilot reviews. Overall, the website is professional and user-friendly but requires urgent security improvements to ensure trust and compliance.

A

APRO Kassensysteme GmbH

smorder.at

40

smorder.at is a website operated by APRO Kassensysteme GmbH offering a mobile ordering and payment platform targeted at restaurant guests and hospitality businesses in Austria. The platform enables users to order and pay via smartphone, access personalized digital menus, collect loyalty points, and send gift vouchers. The website is professionally designed with good content quality and clear navigation, supporting both desktop and mobile users. Technically, the site is built on WordPress with common plugins such as Yoast SEO and Contact Form 7, and uses UIkit for frontend components. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security shortfall. Marketing and analytics tools include Google Tag Manager and Facebook Pixel, with a cookie consent banner implemented for GDPR compliance. Contact information is clearly provided, including email, phone, and physical address. WHOIS data confirms the domain is properly registered and consistent with the business entity. Overall, the site demonstrates moderate digital maturity but requires urgent improvements in security infrastructure.

E

enuvo GmbH

surveyhero.com

69

SurveyHero, operated by enuvo GmbH, is a mature and established online survey software provider founded in 2005 and based in Switzerland. The company offers a SaaS platform enabling users to create, distribute, and analyze surveys with a focus on ease of use, multilingual support, and GDPR compliance. With over 3 million users worldwide and endorsements from reputable platforms like Capterra and G2, SurveyHero holds a strong market position in the online survey industry. The website reflects a professional and user-friendly design, targeting individuals and organizations seeking reliable survey tools.

V

VideoAmp, Inc.

videoamp.com

40

VideoAmp, Inc. is a mature and established media measurement software company founded in 2001, specializing in cross-platform audience segmentation and programmatic advertising optimization. The company targets agencies, brands, and publishers with a B2B SaaS business model, leveraging proprietary technology such as VALID™ for data-driven advertising insights. The website is professionally designed with excellent content quality, clear navigation, and strong branding consistency, reflecting a high level of digital maturity. Technically, the site is built on WordPress with modern marketing and analytics tools, but suffers from slow load times and lacks a valid SSL/TLS certificate, which critically impacts security posture. Privacy and cookie policies are comprehensive and GDPR compliant, supporting good privacy compliance. However, the absence of HTTPS and security headers represents a significant vulnerability. Overall, the domain registration data supports the legitimacy and trustworthiness of the business. Strategic improvements in security infrastructure are recommended to enhance trust and compliance.

emfluence Digital Marketing is a well-established digital marketing agency based in the United States, specializing in a broad range of services including digital strategy, SEO, paid media, content marketing, and marketing automation. The company positions itself as a leading provider in the Midwest region, targeting businesses seeking personalized and effective digital marketing solutions. Their website reflects a mature digital presence with rich content, client testimonials, and case studies that demonstrate their expertise and client success. Technically, the site is built on WordPress and leverages modern marketing and SEO tools, including Gravity Forms, Yoast SEO, and Amazon Polly, hosted on AWS with CloudFront CDN for content delivery. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap that undermines user trust and data protection. Privacy compliance is addressed with a clear privacy policy and cookie consent mechanism, but direct contact information such as emails and phone numbers are not explicitly provided, relying mainly on contact forms. Overall, the website is professional and content-rich but requires urgent security improvements to meet modern standards.

A

Anyline

anyline.com

67

Anyline is a mature technology company specializing in AI-powered mobile data capture solutions, serving industries such as automotive, retail, logistics, enforcement, and energy. The company offers a suite of products including OCR scanning, barcode scanning, vehicle identification, and meter reading, targeting businesses seeking to enhance operational efficiency through mobile scanning technology. The website reflects a professional and consistent brand presence with good content quality and clear navigation. Technically, the website is built on WordPress and leverages modern technologies such as jQuery, Weglot for translations, Google Tag Manager for analytics, and Usercentrics for cookie consent management. Hosting and CDN services are provided by Cloudflare, ensuring fast performance and security. The site is mobile-optimized and SEO-friendly, with structured data and meta tags implemented. From a security perspective, the site enforces HTTPS and includes several important security headers, though HSTS is present but not fully enabled. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is addressed with visible privacy and cookie policies and a consent mechanism. However, explicit security policies, incident response contacts, and vulnerability disclosure information are not found. Overall, the website presents a low risk profile with a strong business credibility and technical foundation. Strategic improvements could focus on enhancing security headers, publishing security and incident response policies, and providing clearer direct contact information for security and business inquiries.

P

Parexel International (MA) Corporation

parexel.com

63

Parexel International is a leading global Contract Research Organization (CRO) specializing in clinical development services for the biopharmaceutical industry. With over 24,000 professionals worldwide, Parexel offers comprehensive solutions spanning Phase I to IV clinical trials, regulatory strategy, and patient engagement. The company positions itself as a trusted partner to biopharmaceutical leaders and clinical trial sites, emphasizing patient-centric trial design and execution. The website reflects a mature digital presence with rich content, clear navigation, and strong branding consistency. Technically, the site leverages Concrete CMS, integrates modern analytics and marketing tools, and employs robust security measures including HTTPS and security headers. Privacy compliance is well addressed with comprehensive policies and a granular cookie consent mechanism. Overall, Parexel's website demonstrates a high level of professionalism, trustworthiness, and operational maturity.

O

Omni Druckproduktion und Design GmbH

omnidruck.at

50

Omnidruck.at represents a small Austrian company specializing in printing production, graphic design, and related services such as web design and social media branding. The company positions itself as a comprehensive partner for production and design, targeting both business and private customers. Their website reflects a professional and consistent brand image with a clear presentation of services and client references. Technically, the site is built on WordPress using Elementor and Flatsome theme, incorporating modern plugins for GDPR compliance and performance optimization. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit security policies and incident response contacts are absent. Overall, the website is trustworthy and well-maintained, supporting the company's market presence effectively.

L

LNConsult GmbH

lnconsult.at

40

LNConsult GmbH is a well-established Austrian consulting firm specializing in logistics, IT consulting, and digital transformation for industry, trade, and logistics sectors. With over 20 years of experience, the company offers comprehensive services including logistics process optimization, IT system integration, and custom software development. Their market position is strengthened by recognized employer awards and a professional digital presence. Technically, the website is built on the Neos CMS platform using modern frameworks and includes essential analytics and consent management tools, reflecting a mature digital infrastructure. Security posture is solid with HTTPS, CAPTCHA protection on forms, and cookie consent mechanisms, though some security headers could be improved. Overall, LNConsult demonstrates a high level of professionalism, compliance with GDPR, and strong business credibility, making it a trustworthy partner in its domain.

Pacific Crest Group, operating the Human Resource Advisors brand, provides specialized HR consulting and accounting services primarily targeting dental, medical, and business clients across the United States. With a client base exceeding 900, the company positions itself as a trusted outsourced HR partner, recently expanding its service portfolio through a merger with Human Resource Advisors. The website reflects a professional and consistent brand image, emphasizing strategic guidance in finance and human resources to support business owners' success.

EPS Software Corp., operating the CODE Online platform, is a well-established technology company since 1993, offering a broad range of software development services including consulting, staffing, training, and legacy application modernization. The company maintains a professional online presence with clear service descriptions and multiple engagement channels, positioning itself as a trusted partner in the software development industry. Technically, the website employs modern JavaScript libraries, Google analytics and advertising tools, and uses HTTPS with form validation and CAPTCHA for security. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms, which are important for comprehensive security posture. Overall, the site is well-designed, mobile-optimized, and provides good user experience with moderate tracking and advertising transparency.

M

MedTriX GmbH

schuetz.cc

55

MedTriX GmbH operates as a specialized communication service provider for the pharmaceutical and life-science sectors, offering comprehensive marketing and communication solutions including data services, telecommunication marketing, dynamic targeting, and market research. The company positions itself as a leading provider in telephone communication with healthcare professionals, supported by a professional and content-rich website primarily targeting the Austrian healthcare market. Technically, the website is built on WordPress with modern plugins such as WPBakery and Yoast SEO, ensuring good SEO and user experience. The site is well-optimized for mobile and includes GDPR-compliant cookie consent mechanisms. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved and formal security policies are absent. Overall, the website reflects a trustworthy and professional business with a moderate to high digital maturity level.

Atom operates a premium domain marketplace platform offering domain sales, branding contests, trademark services, and AI-powered naming tools. The website analyzed is a landing page for the domain SBAirlines.com, positioned for the aviation and travel industry. Atom has a strong market presence with a large curated inventory and a well-established brand supported by positive Trustpilot reviews and a purchase protection program. The technical infrastructure leverages modern web technologies including Cloudflare for security and CDN, New Relic for monitoring, and Intercom for customer engagement. The site is mobile-optimized and performs well with good SEO practices. Security posture is solid with HTTPS and monitoring but lacks explicit security policies and incident response contacts publicly. Privacy compliance is basic with privacy and cookie policies present on the main domain but no visible consent mechanism on this page. Overall, the website is professional, trustworthy, and technically sound with room for improvement in privacy and security transparency.

B

BENTELER

benteler.de

47

BENTELER is a well-established enterprise specializing in metal processing with a strong focus on automotive and industrial sectors. Founded in 1876, the company has a significant global presence with 90 locations worldwide, offering a diverse range of products including automotive components, steel/tube products, mechanical engineering, and glass processing equipment. The website reflects a mature business model targeting industrial clients and partners, with a clear emphasis on sustainability and innovation. Technically, the website is built on TYPO3 CMS, utilizing modern web technologies such as ES6 JavaScript modules, lazy loading, and SVG icons. It demonstrates excellent mobile optimization, accessibility, and SEO practices, ensuring a fast and user-friendly experience. The presence of comprehensive meta tags, structured data, and multi-language support further enhance its digital maturity. From a security perspective, the site enforces HTTPS, employs Google reCaptcha for bot prevention, and implements a granular cookie consent mechanism compliant with GDPR. No critical vulnerabilities or exposed sensitive data were detected. However, explicit security policy and incident response contact details are not prominently available, suggesting areas for improvement. Overall, BENTELER's website is professional, secure, and compliant, reflecting its enterprise status and global operations. Strategic enhancements in security transparency and incident response readiness could further strengthen its trustworthiness and compliance posture.

A

Adaro Optics Ltd.

adaro.net

48

Adaro Optics Ltd. operates a specialized platform focused on optical subscription technology, targeting both optical retailers and end customers. Their flagship platform, Adaro Direct, enables retailers to offer subscription and payment solutions for eyewear, eyecare, and audiology products, aiming to increase customer loyalty and revenue. The company is positioned as a niche provider within the retail optical sector, trusted by major industry players such as Specsavers and Vision Express. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the website leverages modern frameworks including Blazor and Bootstrap 5, with integration of Google services for analytics and bot protection. Hosting assets on Microsoft Azure Blob Storage indicates a reliable infrastructure. While the site is mobile-optimized and performs moderately well, there is room for improvement in accessibility and SEO optimization. The absence of a CMS suggests a custom or framework-based solution. From a security perspective, the site uses HTTPS and Google reCAPTCHA, but lacks visible security headers and a published security policy or incident response contacts. The presence of ISO 27001 certification is a strong trust indicator, though explicit privacy policy documentation is missing, which is a compliance gap. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website presents a trustworthy and credible business with a solid technical foundation. Strategic improvements in privacy compliance, security headers, and accessibility would enhance the security posture and regulatory adherence, supporting long-term business growth and customer trust.

S

Skinfit

skinfit.eu

54

Skinfit is a specialized e-commerce retailer focusing on functional sportswear for endurance and outdoor sports. The company offers a wide range of products including clothing and equipment, targeting active consumers who integrate sports into their daily lives. The website is professionally designed with consistent branding and excellent content quality, supporting multiple languages and regional stores, primarily serving the Austrian market. The technical infrastructure is based on Magento Commerce, utilizing modern web technologies such as RequireJS, jQuery, and various Magento extensions, ensuring a good user experience and mobile optimization. Security measures include HTTPS enforcement and a comprehensive cookie consent mechanism aligned with GDPR requirements. No critical vulnerabilities or blocking mechanisms were detected, indicating a mature security posture. Overall, Skinfit presents a trustworthy and professional online presence with strong privacy compliance and user engagement features.