Security Directory

ChargePoint, Inc. operates the be.ENERGISED platform, a modular SaaS solution designed to support businesses in building and expanding electric vehicle (EV) charging services. The website targets enterprises, fleet operators, partners, and EV drivers primarily in Germany and Europe, offering comprehensive services including charge point operation, software integration, billing, roaming, and white-label solutions. The company holds a strong market position with significant penetration among Fortune 50 companies and a large active charging network. Technically, the site is built on Drupal 10 and hosted on Pantheon, with integrations such as Google Tag Manager and Google Maps API enhancing functionality. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap, despite the presence of some security headers and GDPR-compliant privacy and cookie policies. Overall, the site demonstrates high content quality and business credibility but requires urgent improvements in security infrastructure to protect user data and maintain trust.

W

Wellspect HealthCare

wellspect.com

35

Wellspect HealthCare is a global MedTech company specializing in continence care solutions, supporting individuals with urinary and bowel dysfunction through innovative products and educational resources. The company holds a strong market position with over 40 years of industry experience and operates under the parent company Dentsply Sirona. Their website reflects a professional and consistent brand image targeting carers, specialists, and new users in continence care. Technically, the website employs modern analytics and marketing tools such as Microsoft Application Insights, Google Tag Manager, and Salesforce Lightning, hosted behind Cloudflare. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security flaw, severely impacting the site's security posture. Privacy compliance is partial, with a comprehensive privacy policy present but lacking a cookie consent mechanism despite active tracking scripts. Overall, the website offers excellent content quality and user experience but requires urgent security improvements to protect user data and enhance trust.

T

Tractive

tractive.com

40

Tractive is a leading global provider of GPS and health monitoring trackers for pets, specializing in real-time location tracking and wellness insights for dogs and cats. The company operates a robust e-commerce platform offering subscription-based services that enable worldwide cellular connectivity for their devices. Their market position is strong, supported by extensive customer testimonials, high Trustpilot ratings, and a broad international presence with multi-language support. Technically, the website leverages modern web technologies including nginx, Amazon AWS infrastructure, CloudFront CDN, and advanced JavaScript frameworks. They utilize performance monitoring and A/B testing tools such as New Relic and Visual Website Optimizer, indicating a mature digital infrastructure. The site is well-optimized for mobile devices and accessibility, with good SEO practices. From a security perspective, while the site implements several important security headers and policies, it suffers from a critical issue: the SSL certificate is invalid or missing, and no TLS protocols are enabled. This severely impacts the security posture and user trust. Other security best practices like HSTS and CSP are in place, but the lack of proper HTTPS is a major vulnerability. Overall, the risk assessment highlights the need for immediate remediation of SSL/TLS issues to protect user data and maintain trust. Strategic recommendations include fixing the SSL certificate, enabling modern TLS versions, and improving session security. The business credibility is high, but security gaps could undermine customer confidence if not addressed promptly.

W

WIFI Österreich

wifi.at

38

WIFI Österreich is a prominent educational institution in Austria, offering a vast range of courses, seminars, and professional training programs across multiple sectors including academic education, business, health, IT, and management. It serves a broad audience including individuals seeking career advancement, apprentices, and corporate clients. The website reflects a well-structured, content-rich platform with excellent design and navigation, supporting both in-person and online learning modalities. Technically, the site uses standard web technologies like jQuery and lazy loading but lacks a valid SSL certificate, resulting in no HTTPS support, which is a significant security concern. Security headers and advanced SSL features are missing, indicating room for improvement in security posture. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanism. Overall, the domain and business information are consistent and trustworthy, aligned with the parent organization Wirtschaftskammer Österreich. Strategic improvements in SSL implementation and security headers are recommended to enhance user trust and security.

C

connex.cc IT-Consulting GmbH

connex.cc

26

connex.cc IT-Consulting GmbH is a well-established Austrian IT consulting firm specializing in the public sector, with over two decades of experience. The company operates as a subsidiary of xrxes.cc Holding GmbH and offers a range of services including IT consulting, business analysis, test management, project management, and project assistance. The website is professionally designed, content-rich, and targets public sector organizations in Austria. Technically, the site is built on WordPress using Elementor and Astra theme, with modern plugins enhancing user experience. However, a critical security weakness is the lack of a valid SSL certificate and proper HTTPS configuration, which significantly impacts the security posture. Privacy compliance is well addressed with a comprehensive privacy and cookie policy and a consent mechanism. Contact information is clearly provided, enhancing business credibility.

Metro by T-Mobile is a prominent prepaid wireless telecommunications provider operating under the parent company T-Mobile US. The website offers a comprehensive range of prepaid phone plans, devices, and home internet services targeting consumers in the United States and Puerto Rico. It positions itself as a value-driven brand with competitive pricing, device promotions, and benefits such as Amazon Prime and Google One integration. The site is professionally designed with clear navigation and rich content tailored to its target audience.

D

Deutsche Telekom AG

deutsche-telekom.com

62

Deutsche Telekom AG operates a comprehensive corporate website providing detailed information about its integrated telecommunications services, corporate responsibility, investor relations, and innovation initiatives. The company is positioned as a leading global telecommunications provider with a strong focus on transparency and stakeholder engagement. The website infrastructure is built on modern web technologies with a custom CMS, leveraging nginx and Varnish caching, and hosted on AWS. While the site is well-structured, mobile-optimized, and rich in content, the current SSL certificate is invalid or missing, which significantly impacts the security posture. Security headers are properly configured, but the lack of valid HTTPS and modern TLS protocols is a critical vulnerability. Privacy and cookie policies are comprehensive and GDPR compliant, reflecting a mature privacy stance. Overall, the site demonstrates high professionalism and trustworthiness but requires urgent remediation of SSL issues to ensure secure user interactions.

iteratec GmbH is a medium-sized, established software development company founded in 1996, with multiple offices across Germany, Austria, and Poland. The company specializes in digital transformation, AI and data analytics, IT security, and sustainable technology solutions, targeting enterprises in automotive, energy, and logistics sectors. Their website reflects a professional and comprehensive digital presence, leveraging TYPO3 CMS and modern web technologies. However, a critical security gap exists due to the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts their security posture. Privacy and cookie policies are well implemented with consent mechanisms, indicating good compliance with GDPR. Overall, the company demonstrates strong business credibility and digital maturity but must urgently address its SSL/TLS configuration to improve security and trust.

H

HK/Danmark

hk.dk

38

HK/Danmark is a well-established Danish trade union and unemployment insurance provider, founded in 1900, serving a large membership base with comprehensive services including career guidance, legal advice, and member benefits. The website is professionally designed, content-rich, and targets employees, students, and job seekers in Denmark. Technically, the site uses modern web technologies such as ASP.NET, jQuery, and integrates analytics and chat services, but suffers from a critical security issue due to the absence of a valid SSL certificate, which undermines its HTTPS security posture despite having HSTS headers configured. Privacy and cookie policies are present and indicate GDPR compliance, with clear contact information and trust signals like Trustpilot integration enhancing business credibility. Overall, the site is highly professional but requires urgent security improvements to ensure user trust and data protection.

P

Pioneers Innovation GmbH

pioneers.io

22

Pioneers Innovation GmbH is an established innovation consulting and corporate venture building firm founded in 2013, serving a broad range of corporate clients across sectors such as energy, transportation, banking, and technology. The company offers comprehensive services including innovation strategy, setup, execution, venture building, and startup services, positioning itself as a trusted partner for innovation-powered transformation and growth. The website reflects a mature digital presence with professional design, clear navigation, and rich content including client testimonials and references to large organizations. Technically, the site is built on WordPress with modern marketing and analytics tools integrated, but suffers from critical security shortcomings including the absence of a valid SSL certificate and HTTPS support, which significantly impacts its security posture. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the business credibility is high, but the lack of HTTPS is a major risk that should be urgently addressed.

The PKE Group is a well-established Austrian technology company founded in 1979, specializing in security, communication, media, traffic, building, and logistics technology solutions. It operates internationally with a strong regional presence across Europe and the Middle East through multiple subsidiaries. The website reflects a professional and comprehensive digital presence, targeting businesses seeking innovative and reliable technology services. Technically, the site uses modern frameworks such as Pimcore CMS and Alpine.js, and employs Matomo for analytics, indicating a mature digital infrastructure. However, the absence of a valid SSL certificate and HTTPS support is a critical security weakness, exposing users to potential risks and undermining trust. Privacy compliance is partially met with a clear privacy policy but lacks a cookie consent mechanism. Overall, the site demonstrates strong business credibility but requires urgent security improvements to align with best practices.

C

Communi5

communi5.com

25

Communi5 is a medium-sized Austrian software manufacturer specializing in communications solutions for service providers, focusing on UCaaS and Cloud PBX offerings. The company demonstrates a mature market position with a future-oriented approach, integrating modern collaboration tools such as MS Teams. The website reflects a professional and consistent brand image with comprehensive content targeting service providers and business customers. Technically, the site is built on WordPress with Elementor and uses modern UI components like Smart Slider 3, but lacks a valid SSL certificate and modern TLS support, which significantly impacts its security posture. Privacy compliance is well addressed with clear cookie and privacy policies and consent mechanisms. However, the absence of explicit security policies and incident response information is noted. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

I

iMedia Web Solutions

imediasolutions.biz

22

iMedia Web Solutions is a small technology company based in India specializing in web design, WordPress development, eCommerce solutions, and responsive websites. With over 9 years of operation and more than 500 satisfied clients, the company positions itself as a reliable service provider offering white label and outsourcing solutions. The website is built on WordPress with a modern tech stack including PHP 7.4, LiteSpeed server, and popular plugins such as WPBakery and Slider Revolution. However, the site lacks a valid SSL certificate, which critically impacts its security posture. No privacy or cookie policies are present, indicating poor compliance with data protection regulations. Contact information is clearly provided, including phone, email, physical address, and a detailed contact form. Overall, the site demonstrates good content quality and business credibility but suffers from significant security and privacy shortcomings.

SPGPrints is a well-established global company specializing in textile and industrial printing solutions, with a strong focus on rotary screen and digital textile printing technologies. The company offers a comprehensive range of products including printing machines, consumables, and services, targeting businesses in textile, label, healthcare, and printed electronics sectors. Their market position is supported by decades of experience, numerous patents, and a global presence. Technically, the website is built on HubSpot CMS and leverages modern web technologies and marketing tools, but lacks a valid SSL certificate, which is a significant security concern. The security posture is basic with some security headers present but critical gaps in SSL/TLS configuration and privacy compliance. Overall, the website is professional and content-rich but requires urgent improvements in security and privacy compliance to enhance trust and protect user data.

K

Kolibri

kolibri.is

38

Kolibri is a small Icelandic digital design and development agency offering comprehensive services including web and app solutions, product development, and optimization. The company presents a professional portfolio showcasing notable projects, targeting businesses and organizations seeking digital transformation. The website is built on modern web technologies such as Webflow and uses Cloudflare for hosting and CDN services, indicating a moderate level of digital maturity. However, the absence of a valid SSL certificate is a critical security flaw that undermines user trust and data protection. Additionally, the lack of privacy and cookie policies suggests compliance gaps with GDPR and related regulations. Overall, while the business demonstrates professionalism and a clear market position, urgent improvements in security and privacy compliance are necessary to enhance trust and protect users.

V

VARIOTHERM HEIZSYSTEME GMBH

variotherm.com

21

Variotherm Heizsysteme GmbH is an established Austrian company specializing in surface heating and cooling systems for floors, walls, and ceilings, leveraging over 30 years of expertise. Their product portfolio targets contractors, installers, architects, and end customers seeking efficient heating and cooling solutions. The company maintains a professional online presence with multilingual support and a comprehensive product and service offering. Technically, the website is built on TYPO3 CMS served by Apache, with integrated analytics via Matomo and Google Tag Manager. However, the absence of HTTPS and a valid SSL certificate significantly undermines the security posture. While cookie consent mechanisms and privacy policies are in place, the lack of advanced security headers and incident response information indicates room for improvement. Overall, the website is functional and professional but requires urgent security enhancements to protect user data and improve trust.

The website dondusang.net represents the official French public blood service, Etablissement français du sang (EFS). It provides comprehensive information and services related to blood, plasma, and platelet donations across France. The site is well-branded, content-rich, and targets donors, associations, and the general public with clear calls to action and partner engagement. Technically, the site is built on Drupal CMS, uses modern tracking and analytics tools, and integrates multiple partner domains. However, it lacks HTTPS support, which is a critical security flaw exposing users to risks. Security headers are well configured but cannot compensate for the absence of SSL/TLS. Privacy policies and cookie consent mechanisms are present and GDPR compliant. Overall, the site demonstrates a high level of professionalism and trustworthiness but requires urgent security improvements.

The website for kerstin-schleicher.de currently serves as a placeholder or customer menu page for Lind & Quittek GmbH, a small company based in Mannheim, Germany. The site content is minimal and displays a message indicating the requested domain could not be found on the server, suggesting the domain is not actively hosting business content or services. The technical infrastructure includes common JavaScript libraries and the Bulma CSS framework, but lacks a valid SSL/TLS certificate and modern HTTPS configuration, which significantly impacts security and trustworthiness. Security headers are present but insufficient without proper SSL. No privacy, cookie, or terms of service policies are found, indicating poor compliance with privacy regulations. Overall, the website's digital maturity is low, with poor content quality and minimal user engagement features.

S

Smartly.io Solutions Oy

smartly.io

39

Smartly.io Solutions Oy operates a mature, enterprise-grade AI advertising platform focused on creative, media, and intelligence suites to optimize cross-channel advertising performance. The company is well-positioned in the technology sector with a strong market presence, supported by industry certifications and a comprehensive digital marketing infrastructure. The website is professionally designed, content-rich, and targets advertising professionals and teams seeking AI-powered campaign automation and insights. Technically, the site leverages modern web technologies including Webflow CMS, Marketo forms, and multiple analytics and tracking tools, hosted via Cloudflare CDN. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, significantly impacting the security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the business credibility is high, but urgent remediation of SSL/TLS issues is recommended to ensure secure user interactions and trust.

x-tention is a medium-sized Austrian IT company specializing in comprehensive IT solutions for the healthcare and social sectors. Founded in 2001 and part of the xt Unternehmensgruppe, it offers consulting, software development, data science, managed services, and cybersecurity. The company targets healthcare providers and social organizations, emphasizing innovative and secure digital health solutions. The website is professionally designed, content-rich, and well-structured, supporting multiple languages and providing clear contact and support channels. Technically, the site uses Drupal 10 and modern web technologies, but suffers from critical security issues due to the absence of a valid SSL certificate and HTTPS support, severely impacting its security posture. Privacy compliance is strong with clear cookie consent mechanisms and GDPR-aligned policies. Overall, the business credibility is high, but urgent improvements in SSL/TLS implementation are needed to secure user data and trust.

B

Barmherzige Brüder Wien

bbwien.at

38

Barmherzige Brüder Wien operates as a large, well-established non-profit hospital in Austria, providing a broad range of medical services and patient care. The website reflects a mature digital presence with comprehensive content, clear navigation, and active social media engagement. Technically, the site uses a modern CMS (siteswift) and popular JavaScript libraries to enhance user experience. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, resulting in all traffic being served over HTTP, which exposes users to potential interception risks. The site implements GDPR-compliant privacy and cookie consent mechanisms, indicating awareness of privacy regulations. WHOIS data confirms domain legitimacy and consistency with the hospital's identity. Overall, the site is professional and trustworthy but urgently requires HTTPS implementation to secure user data and improve security posture.

C

CTI Meeting Technology

ctimeetingtech.com

40

CTI Meeting Technology is a mature and established provider of comprehensive meeting management software solutions, serving the STEM meeting industry for over 40 years. Their all-in-one platform supports virtual, hybrid, and in-person events with a wide range of modules including abstract management, presentation management, program management, and more. The company targets meeting organizers, associations, PCOs, and other stakeholders involved in event planning and execution. Technically, the website is built on WordPress with Elementor and integrates various modern tools such as Calendly and Microsoft Clarity. However, the absence of a valid SSL certificate and HTTPS significantly impacts the security posture. While security headers are present, the lack of encryption is a critical vulnerability. The website demonstrates good privacy compliance with clear policies and contact information. Overall, the business is credible and well-positioned in its market, but it must address critical security issues to improve trust and compliance.

The website arionsolutions.com.br is currently inactive and displays an error page indicating that the site does not exist or the content has been removed. The page promotes Locaweb's site creation service as an alternative. There is no substantive business information, contact details, or privacy and security policies available on the site. Technically, the site is served via HTTP without SSL/TLS encryption, which is a critical security deficiency. Basic security headers are present but insufficient to ensure a strong security posture. DNS and mail records indicate hosting and mail services are provided by Locaweb, a known Brazilian hosting provider. Overall, the site lacks content, security, and compliance features, resulting in a low trust and credibility score.

Ö

Ökovolt Solartechnik GmbH

oekovolt.com

27

Ökovolt Solartechnik GmbH is a well-established company specializing in photovoltaic solutions for industry, commerce, municipalities, real estate developers, and private households. With over 15 years of experience, the company offers comprehensive services including planning, financing, installation, and operation of photovoltaic large-scale systems. Their market position is strong, supported by detailed project references and a professional online presence. Technically, the website is built on WordPress with modern SEO and analytics tools, but suffers from a critical lack of HTTPS due to an invalid SSL certificate, which undermines security and trust. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and clear privacy policies. Overall, the company demonstrates a mature digital infrastructure but must urgently address SSL issues to improve security posture and user trust.

The website ledon-lamp.com currently serves only a default cPanel placeholder page indicating server or DNS misconfiguration. There is no active business content, product information, or marketing material available. The only contact information is a webmaster email address. The domain is registered and uses Cloudflare DNS but lacks a valid SSL certificate and HTTPS support, severely limiting security and user trust. Performance is poor with a very slow load time, and no privacy or cookie policies are present, indicating low digital maturity and compliance. Security posture is weak due to missing TLS, security headers, and DNS security features. Overall, the site appears inactive or misconfigured, posing a risk to visitors and undermining business credibility.

V

Verlag Österreich

verlagoesterreich.at

24

Verlag Österreich is a specialized legal publisher based in Austria, offering a comprehensive range of legal literature including books, eBooks, journals, and commentaries. The website targets legal professionals, academics, students, and institutions, providing an e-commerce platform for purchasing legal publications. The business is well-established with a consistent brand presence and a professional digital footprint. Technically, the website uses a modern tech stack including Apache, jQuery, and a proprietary CMS (Datamints), with good mobile optimization and accessibility features. However, a critical security gap exists due to the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly undermines the site's security posture. Security headers are present but cannot compensate for the lack of encryption. Privacy and cookie policies are comprehensive and GDPR compliant, and the site employs Google Tag Manager for analytics and marketing. Overall, the site is professional and trustworthy but urgently needs to address its SSL/TLS configuration to ensure secure user interactions.

N

nora systems GmbH

nora.com

36

nora systems GmbH is a globally recognized manufacturer specializing in high-quality rubber floor coverings, headquartered in Germany with a history dating back to 1950. The company holds a strong market position as a leader in resilient flooring solutions across multiple sectors including healthcare, education, industry, and public buildings. Their business model focuses on manufacturing and direct sales, supported by innovative installation and cleaning systems. The website reflects a professional and comprehensive digital presence with rich content tailored to architects, builders, and facility managers. Technically, the site is built on Sitecore CMS and served via Microsoft IIS, with integrations for marketing and analytics through Google Tag Manager and Usercentrics consent management. However, the absence of a valid SSL certificate and HTTPS implementation represents a critical security gap, exposing the site to potential risks. Privacy and cookie policies are well implemented, indicating good compliance with GDPR standards. Overall, the site demonstrates strong business credibility but requires urgent security improvements to protect user data and enhance trust.

I

Implenia AG

implenia.com

38

Implenia AG is a leading Swiss construction and real estate services company with a strong multinational presence, particularly in Switzerland and Germany. The company specializes in infrastructure, real estate development, and specialized construction services such as tunnel and civil engineering. The website reflects a mature business with comprehensive content targeting business clients, investors, and partners. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and integrates consent management and analytics tools. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, exposing the site to risks and undermining user trust. Security headers are partially implemented but insufficient without HTTPS. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site demonstrates high professionalism and business credibility but requires urgent security improvements to align with best practices.

B

Bayer G4A

grants4apps.com

36

Bayer G4A operates as a healthcare innovation accelerator focused on digital health startups, providing funding, consulting, and expertise to scale businesses that transform healthcare experiences. The website positions Bayer G4A as a leading pharmaceutical accelerator with a portfolio of over 150 startups and multiple commercial collaborations worldwide. Technically, the site is built on modern frameworks such as Next.js and hosted on Vercel, with content managed via Builder.io, reflecting a contemporary digital infrastructure. However, the site lacks a valid SSL certificate and proper HTTPS configuration, which is a critical security concern. Additionally, privacy and cookie policies are not found, and direct contact information such as emails or phone numbers is absent, limiting transparency and user trust. Overall, the site demonstrates moderate business credibility and technical maturity but requires urgent security and privacy improvements.

W

WestLicht

westlicht.com

40

WestLicht is a well-established cultural venue in Vienna specializing in photography exhibitions, a camera museum, and related services such as a bookshop and café. The website targets photography enthusiasts and cultural visitors, offering detailed information about exhibitions, events, memberships, and retail options. The domain age of 24 years and consistent WHOIS data support the legitimacy and maturity of the business. Technically, the site uses a modern JavaScript stack with jQuery, Swiper.js, and Google services integrated, managed via the siteswift CMS and hosted by Hetzner Online GmbH. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap, exposing users to potential risks. The site implements a cookie consent mechanism compliant with GDPR, but lacks explicit security policies or incident response information. Overall, the website is professionally designed with good content quality and user experience but requires urgent security improvements to protect visitors and enhance trust.

B

Business Upper Austria - OÖ Wirtschaftsagentur GmbH

biz-up.at

37

Business Upper Austria - OÖ Wirtschaftsagentur GmbH is a government agency serving as the location and investment promotion agency for the state of Upper Austria. The organization provides tailored solutions for companies' investment and innovation projects, supporting national and international businesses with services such as investor services, human capital management, innovation promotion, cooperation facilitation, and industrial transformation. The website reflects a professional and comprehensive digital presence with clear navigation and relevant content targeted at businesses and investors interested in the region. Technically, the website is built on the TYPO3 CMS platform, utilizing modern frontend libraries such as Swiper.js and Font Awesome 6 Pro. The site includes a cookie consent mechanism compliant with GDPR and uses Matomo analytics for user tracking with explicit consent. However, the website suffers from critical security shortcomings, notably the absence of a valid SSL certificate and lack of HTTPS support, which severely impacts the security posture and user trust. Security-wise, while SPF and DMARC records are properly configured to protect email integrity, the lack of TLS encryption and modern security headers exposes the site to risks. No incident response or security policy information is publicly available, which could be a concern for security-conscious visitors. The WHOIS data confirms the domain's legitimacy and consistency with the business claims, reinforcing trust in the entity behind the website. Overall, the site is content-rich and professionally presented but requires urgent security improvements to enable HTTPS and modern TLS protocols to protect user data and enhance trust. Strategic recommendations include obtaining and maintaining a valid SSL certificate, enabling HSTS, and improving security headers. These steps will significantly improve the security posture and compliance standing of the website.

K

Kreisel Electric GmbH

kreiselelectric.com

21

Kreisel Electric GmbH is a medium-sized Austrian company specializing in advanced battery technology and high-voltage battery systems for electrification projects across commercial, marine, off-highway, and motorsport sectors. The company leverages patented immersion cooling technology to deliver high safety, performance, and longevity in their products. Their market position is strengthened by strategic partnerships with industry leaders such as BASF and Allego, reflecting a commitment to sustainability and innovation. The website is professionally designed, content-rich, and targets B2B customers seeking electrification solutions. Technically, the site is built on WordPress with modern SEO and marketing tools like Google Tag Manager and OneTrust for cookie consent. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, exposing users to potential risks. Privacy compliance is addressed through comprehensive policies linked to Deere & Company, indicating a strong privacy posture. Contact information is clearly provided, enhancing business credibility. Overall, while the business and technical maturity are solid, urgent improvements in security infrastructure are recommended.

EssenceMediacom Holdings Limited operates as a global media and communications agency, delivering integrated media solutions, analytics, and creative futures to a diverse range of brands. With a mature domain age of 20 years and a presence in 96 markets supported by 120 offices and over 10,000 employees, the company holds a strong market position within the media industry. Their website reflects a professional and content-rich platform targeting brands seeking breakthrough communications strategies. Technically, the website leverages modern frameworks such as Next.js and React, hosted on Cloudflare, and managed via DatoCMS, indicating a mature digital infrastructure. However, a critical security gap exists due to the absence of a valid SSL certificate, which undermines the security posture despite the presence of robust security headers and content security policies. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website demonstrates high professionalism and trustworthiness but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

The website sensix.net is currently inaccessible due to a Cloudflare Turnstile human verification challenge, which blocks access to the actual site content. The domain is mature, registered since 2016 with GoDaddy, and uses Cloudflare for DNS and security services. However, no valid SSL certificate is configured, and the site does not support HTTPS, which is a critical security deficiency. The landing page contains minimal content, primarily a security challenge message, with no visible business information, contact details, or privacy policies. Performance is poor with a high load time, and there are no indications of SEO or accessibility optimizations. Overall, the technical infrastructure relies on Cloudflare but lacks essential security configurations and content accessibility, limiting the ability to assess the business or security posture fully.

V

VAM USA

vam-usa.com

40

VAM USA is a medium-sized company specializing in premium connection solutions for the oil and gas industry, with a strong market position as a world leader and a parent company relationship to Vallourec Oil and Gas France. The website provides comprehensive business information, product details, and service offerings targeted at energy sector professionals and distributors in North America. Technically, the site is built on WordPress with common marketing and analytics tools but suffers from slow performance and lacks modern security implementations such as HTTPS and security headers. The security posture is weak due to the absence of a valid SSL certificate and no HTTPS support, which is a critical issue. Privacy compliance is poor, with no visible privacy or cookie policies. Overall, the site is professional and credible but requires urgent security improvements to protect users and enhance trust.

Trūata Limited is a UK-based technology company specializing in privacy-enhancing data analytics solutions. Their offerings include anonymization services, privacy risk assessments, and privacy-compliant analytics platforms designed to help businesses extract value from data while maintaining compliance with global data protection regulations. The company targets enterprises and organizations seeking to leverage data securely and ethically, positioning itself as a leader in privacy technology with notable partnerships including IBM, Microsoft Azure, and Mastercard. The website is professionally designed, content-rich, and well-structured, supporting a positive user experience and clear navigation. Technically, the site is built on WordPress with integrations of marketing and analytics tools such as Adobe Analytics and HubSpot, and hosted on Microsoft Azure infrastructure. However, the security posture is weakened by the absence of a valid SSL certificate and lack of enabled TLS protocols, which is a critical vulnerability that undermines secure communications and user trust. Privacy compliance is well addressed with comprehensive privacy and cookie policies and GDPR-aligned consent mechanisms. WHOIS data confirms the domain's legitimacy and consistent registration history. Overall, while the business and content quality are strong, urgent improvements in SSL/TLS security are necessary to elevate the site's security and trustworthiness.

The website exporttradinggroup.com currently serves minimal content consisting solely of a redirect script to a /lander page, with no accessible metadata, business information, or user-facing content. The domain is registered and has valid DNS A records, but lacks proper mail exchange configuration and does not use DNSSEC or CAA records. Critically, the site does not have a valid SSL certificate and does not support HTTPS, exposing it to security risks and reducing user trust. No privacy, cookie, or terms of service policies are present, and no contact or social media information is available, indicating a very low level of digital maturity and transparency. From a technical perspective, the site lacks any detectable technology stack, frameworks, or CMS. Performance data is absent, and the site is not optimized for mobile or accessibility. Security posture is weak due to missing HTTPS, absence of security headers, and no incident response or vulnerability disclosure information. The DNS SPF record is configured to reject all mail, which may indicate no email services are intended for this domain. Overall, the security posture is poor with critical issues such as no SSL and no content, which severely limits the ability to assess business credibility or compliance. The domain registration appears consistent but lacks publicly available registrant details. Strategic recommendations include immediate implementation of HTTPS with a valid certificate, deployment of basic security headers, and publishing of privacy and cookie policies to improve compliance and trust. Additionally, the website should provide meaningful content and contact information to enhance business credibility and user experience.

Hermes Europe GmbH operates a mature and professionally presented website focused on integrated supply chain and logistics solutions, targeting national and international trading companies. The company positions itself as a leading expert in the transportation sector, offering services such as global e-commerce support, parcel distribution, and specialized handling solutions. The website content is well-structured, with clear navigation and multilingual support, reflecting a large enterprise with multiple subsidiaries. Technically, the site is hosted on Google Cloud infrastructure using nginx and incorporates modern analytics and consent management tools. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the security posture, exposing users to potential risks. Privacy policies and cookie consent mechanisms are present and appear GDPR compliant, supporting responsible data handling practices. Overall, the domain registration data corroborates the business legitimacy and maturity, but urgent improvements in security configurations are recommended.

P

perma-tec

perma-tec.com

30

perma-tec is a globally recognized leader in manufacturing automatic lubrication systems, offering innovative and reliable solutions that reduce maintenance costs and prevent equipment failures. Their product portfolio includes single- and multi-point lubrication systems, connected solutions like perma CONNECT, and comprehensive services such as installation and technical training. The website reflects a mature digital presence with professional design, clear navigation, and multilingual support. Technically, the site is built on the Flow Framework and Neos CMS, with Apache hosting and uses Matomo for analytics, indicating a privacy-conscious approach. However, the absence of a valid SSL certificate and HTTPS support is a significant security vulnerability, exposing users to risks and undermining trust. Security headers are partially implemented, but the lack of TLS protocols and cipher suites further weakens the security posture. Privacy policies and cookie consent mechanisms are present and comprehensive, supporting GDPR compliance. Overall, the site is content-rich and business credible but requires urgent security improvements to protect users and enhance trust.

U

University of Aleppo

alepuniv.edu.sy

37

The University of Aleppo website serves as an online presence for a major educational institution in Syria, focusing on higher education and academic services. The site content is minimal, primarily a placeholder with a single app container and no visible user-facing content or policies. Technically, the site runs on an nginx server with PHP 7.4 but lacks a valid SSL/TLS certificate, resulting in no HTTPS support and exposing users to security risks. Security headers are minimal, and no advanced protections such as HSTS or DNSSEC are implemented. The absence of privacy, cookie, and terms of service policies indicates a lack of compliance with modern data protection regulations. Overall, the website's digital maturity is low, with slow performance and basic mobile optimization.

BEST - Bioenergy and Sustainable Technologies GmbH is a medium-sized Austrian research organization specializing in sustainable bioenergy technologies. The company focuses on developing biomass-based biorefineries, digital methods for energy systems, and sustainable supply and value chains. Their market position is that of a technological leader and research center in Austria and Central Europe, serving research institutions, industry partners, and policymakers. The website provides comprehensive information on projects, publications, and company offices, targeting stakeholders interested in renewable energy and bioeconomy. Technically, the website uses a CakePHP CMS with Bootstrap and common JavaScript libraries but lacks HTTPS, which is a critical security gap. The site is mobile-optimized and has good content quality and navigation but suffers from slow performance and basic SEO and accessibility. Security posture is weak due to missing SSL/TLS and modern security headers, though session cookies are set with secure flags and X-Frame-Options is enabled. Privacy compliance is basic with a cookie consent banner and a privacy policy PDF in German. Contact information is clearly presented with multiple Austrian office locations and verified company emails and phone numbers. Analytics tools include Google Analytics and Matomo, indicating moderate user tracking. Overall, the site is professional and trustworthy but requires urgent security improvements to enable HTTPS and enhance security headers.

Crystalline Mirror Solutions is a small technology company specializing in crystalline mirror products, currently operating as a subsidiary of Thorlabs. The website serves primarily as a landing page announcing the acquisition by Thorlabs and providing links to products and press releases hosted on the parent company's domain. The technical infrastructure is basic, utilizing Bootstrap for styling and conditional loading of Google Tag Manager for analytics. However, the site lacks HTTPS, which severely impacts its security posture. Security headers are minimal, and no privacy or cookie policies are present, indicating low privacy compliance. The absence of contact information and business details on the site further limits its credibility and user trust. Overall, the website is functional but minimalistic, with significant room for improvement in security, privacy, and content richness.

B

bulmor industries GmbH

bulmor-airground.com

37

Bulmor airground technologies GmbH is a specialized manufacturer of medical highloaders (Ambulift SideBull) designed to facilitate safe and efficient boarding of mobility-impaired passengers at airports. The company has a niche market position with patented technology and partnerships with major airports and airlines. The website is built on TYPO3 CMS and uses several JavaScript libraries for enhanced user experience. However, the site lacks a valid SSL certificate, which significantly impacts its security posture. Privacy and cookie policies are present and GDPR compliant, and contact information is clearly provided. The domain is mature and trustworthy, registered since 2011 with no suspicious patterns beyond lack of domain protection locks.

K

Startseite - KFV - Kuratorium für Verkehrssicherheit

kfv.at

40

Security assessment completed with an overall score of 0/100 (unknown risk). 4 critical issues require immediate attention. Total of 28 security findings identified across all modules.

A

Audit Partner Austria Wirtschaftsprüfer GmbH

auditpartner.at

26

Audit Partner Austria Wirtschaftsprüfer GmbH is a professional services firm specializing in tax consulting and auditing services primarily serving Austrian businesses and professionals. The company emphasizes expertise, personal consultation, and proactive advisory services. Their website reflects a medium-sized firm with a consistent brand and a clear focus on finance-related services. The technical infrastructure is based on WordPress with common web technologies such as jQuery and Bootstrap, hosted on Austrian DNS infrastructure. However, the website lacks a valid SSL certificate, which significantly impacts its security posture. While basic security headers like HSTS are present, they are ineffective without HTTPS. The site provides comprehensive contact information and privacy policies, but lacks cookie consent mechanisms and explicit security or incident response policies. Overall, the website is professional and trustworthy but requires urgent improvements in SSL configuration and security transparency.

M

Mars Hospitality Group

mars-world.com

34

Mars Hospitality Group operates a portfolio of hotels, restaurants, catering outlets, and an exclusive recreation club primarily in Mumbai, India, with additional venues in Mussoorie, Landour, and Summit, New Jersey. The company targets hospitality customers seeking boutique and upscale experiences, positioning itself as a notable player in the hospitality sector with multiple brands and venues. The website content reflects this business focus but lacks comprehensive contact and compliance information. Technically, the website is hosted on an Apache server serving XHTML 1.0 Transitional content with basic CSS styling. The absence of a valid SSL certificate and HTTPS support is a significant technical and security deficiency. The site lacks modern web frameworks, performance optimizations, and accessibility features, indicating a low level of digital maturity. From a security perspective, the site does not implement HTTPS, modern TLS protocols, or essential security headers, exposing it to potential risks. No privacy or cookie policies are present, and no incident response or security policies are disclosed. The Entrust SSL seal script is included but misleading due to the invalid certificate. DNS records are standard but lack DNSSEC and CAA protections. Overall, the website presents moderate business credibility but suffers from critical security and compliance gaps. Strategic improvements in SSL implementation, security headers, privacy compliance, and contact transparency are recommended to enhance trust and protect users.

S

Sonnenberg-Apotheke, Helge Lehnert e.K.

sonnenberg-apotheke.com

38

Sonnenberg-Apotheke is a well-established local pharmacy in Chemnitz, Germany, operating since 2001. The business offers a range of pharmaceutical services including certified travel vaccination advice, medication reservation, rental of medical devices, and substitution care for opioid-dependent patients. The website reflects a professional and consistent brand presence targeting local customers with additional online service capabilities. Technically, the site uses a modern front-end stack with Foundation framework and common JS libraries but lacks performance metrics and has no valid SSL certificate, which is a critical security concern. Security headers are partially implemented but the absence of HTTPS and modern TLS protocols significantly weakens the security posture. Privacy and cookie policies are present, indicating GDPR awareness, though the cookie consent mechanism is minimal. Contact information is clearly provided and consistent with WHOIS data, supporting business credibility. Overall, the site is functional and informative but requires urgent security improvements to protect user data and enhance trust.

Croma-Pharma is a medium-sized Austrian company specializing in minimally invasive aesthetic medical products, including hyaluronic acid fillers, botulinum toxin, skin boosters, and skincare lines with plant-exosomes. The company targets healthcare professionals and aesthetic practitioners, offering both products and business services such as consulting and education. The website is professionally designed with good content quality and clear navigation, supporting multiple languages and regions. Technically, the site uses Silverstripe CMS and integrates Google Analytics and reCAPTCHA for user tracking and security. However, a critical security weakness is the lack of a valid SSL certificate and HTTPS support, exposing users to potential risks. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the site demonstrates a solid business presence but requires urgent security improvements to protect user data and enhance trust.

Dynea AS is a Norwegian-based manufacturer specializing in wood adhesives and related chemical solutions, serving primarily the European market with additional sales in Asia, Africa, and the Americas. The company offers a broad portfolio of products including amino-based resins, polyurethanes, emulsion polymers, and hot melt adhesives, complemented by services such as consulting, tank cleaning, and toll production. Established in 1947, Dynea maintains a strong market position as a leader in the European wood adhesives sector with multiple production sites and subsidiaries. Technically, the website employs modern front-end technologies such as Bootstrap, AOS, and Swiper, providing a good user experience with responsive design and clear navigation. However, the site lacks HTTPS support and a valid SSL certificate, which critically undermines its security posture. The absence of cookie consent mechanisms and limited privacy compliance features further highlight areas for improvement. From a security perspective, the site shows no evidence of common vulnerabilities like Heartbleed or POODLE but suffers from the lack of encryption and security headers. The WHOIS data confirms the legitimacy and consistency of the domain registration with the business claims, supporting trustworthiness despite technical security shortcomings. Overall, Dynea's website reflects a professional and established business with solid content and branding but requires urgent security enhancements to protect user data and comply with modern web security standards.