Security Directory

H

HM Viloo Ltd

kenyacompanies.com

37

KenyaCompanies.com operates as a leading online business directory focused on Kenyan businesses, providing a platform for verified business listings, enhancing brand visibility, and facilitating business connections. The website targets businesses and customers within Kenya, offering services such as business listings, company registration assistance, event listings, and promotional offers. The platform is positioned as a trusted and human-edited directory, managed by HM Viloo Ltd, with a medium-sized operational scale and consistent branding. Technically, the website is built on Joomla CMS and leverages a modern technology stack including React, jQuery, Google Analytics, and various UI libraries. The site demonstrates moderate performance and good mobile optimization, with a structured navigation and SEO-friendly meta tags. However, accessibility features are basic and could be improved. From a security perspective, the site uses HTTPS and includes CSRF tokens in forms, but lacks explicit security headers and published security policies. No incident response or vulnerability disclosure information is available, and cookie consent mechanisms are absent. Advertising is managed through Google Adsense, with tracking via Google Analytics and Tag Manager, indicating moderate user tracking. Overall, the website presents a moderate risk profile with good business credibility but room for improvement in privacy compliance and security best practices. Strategic recommendations include implementing security headers, publishing privacy and security policies, and adding cookie consent mechanisms to enhance trust and compliance.

SOCOTEC España is a well-established engineering consultancy and TIC service provider operating primarily in Spain and Colombia. As part of the SOCOTEC Group, it holds a strong market position in infrastructure, construction, and environmental sectors, emphasizing sustainability and innovation. The website reflects a mature digital presence with comprehensive service offerings and a clear focus on resilience and decarbonization. Technically, the site is built on Drupal 10 with modern JavaScript libraries and includes performance monitoring and consent management tools, indicating a good level of digital maturity. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response disclosures are absent. Overall, the site is professional, trustworthy, and compliant with GDPR, supporting SOCOTEC's reputation as a leading engineering firm.

S

St Edward's College

stedwards.nsw.edu.au

33

St Edward's College is a Catholic secondary educational institution located in East Gosford, NSW, Australia. The website serves as a comprehensive portal for students, parents, and the community, offering information on enrolment, curriculum, pastoral care, co-curricular activities, and news updates. The college positions itself as a quality teaching institution with a focus on opening hearts and minds. The digital presence is supported by a WordPress CMS with a variety of plugins enhancing user experience and content management. The site is well-structured with clear navigation and mobile optimization, targeting local and regional audiences interested in Catholic secondary education. Technically, the website employs modern JavaScript libraries such as jQuery, jQuery UI, and Bootstrap, alongside SEO optimization via Yoast. The site uses HTTPS with a good SSL configuration, though security headers could be improved. Google Analytics is implemented for user tracking, but no cookie consent mechanism is present, indicating partial privacy compliance. Contact information is prominently displayed, enhancing business credibility. From a security perspective, the site shows a moderate security posture with HTTPS enforced and no visible exposed sensitive data. However, the absence of advanced security headers like Content Security Policy and lack of a vulnerability disclosure or incident response policy are areas for improvement. The WHOIS data aligns well with the website's identity, showing consistent registration details and domain age appropriate for the institution's history. Overall, the website is professional, functional, and trustworthy, with recommendations to enhance privacy compliance and security practices to further strengthen its posture.

C

Carlo Gavazzi

carlogavazzi.com.mt

57

Carlo Gavazzi is an established international group specializing in the design, manufacture, and marketing of electronic automation components, primarily serving the industrial and building automation markets. The company maintains a strong global presence with a comprehensive product portfolio including sensors, solid state relays, energy meters, and IIoT solutions. Their website reflects a professional and consistent brand image, supported by a modern TYPO3 CMS infrastructure and responsive design. The site includes detailed product information, industry-specific solutions, and a robust cookie consent mechanism ensuring compliance with privacy regulations. Security-wise, the website demonstrates good practices with no critical vulnerabilities detected, although there is room for improvement in implementing security headers and publishing explicit security policies. Overall, the domain registration data aligns well with the company's business claims, reinforcing the site's legitimacy and trustworthiness.

G

GreenPak Co-op Society Ltd.

greenpak.com.mt

51

GreenPak Co-op Society Ltd. is a Malta-based cooperative society established in 2004, specializing in providing legal compliance and waste recovery services for businesses trading in Malta. The company is an ERA authorised waste recovery organisation focusing on packaging, WEEE, batteries, and accumulators recycling. With over 1,200 members, GreenPak holds a strong market position as a pioneer and trusted provider in the Maltese waste recovery sector. The website reflects this business focus with clear service offerings, project highlights such as iBiNs and Batteries for Hospice, and a cooperative ownership model. Technically, the website is built on Drupal 10 CMS, leveraging modern frontend libraries including jQuery UI, Bootstrap, and Nivo Slider. The site is mobile optimized with good navigation clarity and professional design quality. Cookie consent is implemented with an opt-in mechanism, supporting GDPR compliance. However, no explicit security or incident response policies are publicly available. No analytics or tracking services were detected, indicating a privacy-conscious approach. Security posture is moderate with no visible vulnerabilities or exposed sensitive data, but lacks advanced security headers and explicit policies. The domain registration details align well with the business claims, supporting legitimacy and trustworthiness. Overall, the website is professional, functional, and compliant with basic privacy requirements, serving its target audience effectively.

C

Carlo Gavazzi

gavazzi.dk

55

Carlo Gavazzi is an established international group specializing in the design, manufacture, and marketing of electronic automation components, primarily serving the industrial and building automation markets. The company maintains a strong market position with a comprehensive product portfolio including sensors, solid state relays, energy meters, and related automation devices. Their website reflects a professional and consistent brand image with clear business descriptions and a focus on global reach through multiple language and regional versions. Technically, the website is built on the TYPO3 CMS platform, utilizing modern web technologies such as Bootstrap 5 and jQuery, with integration of Cookiebot for cookie consent management. The site demonstrates good mobile optimization, accessibility, and SEO practices, although some improvements in security headers could enhance its security posture. From a security perspective, the site enforces HTTPS and employs a robust cookie consent mechanism, but lacks explicit public security policies or incident response information. No critical vulnerabilities or exposed sensitive data were detected. The domain registration details are consistent with the business claims, indicating a high level of legitimacy. Overall, the website presents a low-risk profile with strong business credibility and good privacy compliance. Strategic recommendations include enhancing security headers, publishing security policies, and adding a vulnerability disclosure mechanism to further strengthen trust and compliance.

M

Malta Communications Authority

mca.org.mt

52

The Malta Communications Authority (MCA) is a government regulatory body overseeing the communications sector in Malta, including telecommunications, digital services, spectrum management, and consumer protection. The website serves as an official portal providing regulatory information, consumer resources, publications, and online services such as payments and forms. It targets consumers, industry stakeholders, and government entities, positioning itself as the authoritative communications regulator in Malta. Technically, the website is built on Drupal 10 CMS, leveraging modern JavaScript libraries such as jQuery, Swiper.js for interactive elements, and Google reCAPTCHA v3 for form security. The site demonstrates good mobile optimization, accessibility, and SEO practices, though performance is moderate. The presence of HTTPS and secure form handling indicates a solid security foundation. Security posture is generally strong with HTTPS enforced and no visible sensitive data exposure. However, the absence of explicit security headers and a formal security or incident response policy page suggests room for improvement. Privacy compliance is partial, with a privacy policy present and GDPR compliance implied, but lacking a cookie consent mechanism. Overall, the MCA website is a professional, trustworthy, and functional government site with a good balance of content quality and technical implementation. Strategic enhancements in privacy compliance and security transparency would further strengthen its posture.

R

Ramla Bay Resort

ramlabayresort.com

42

Ramla Bay Resort is a medium-sized hospitality business located in Malta, offering accommodation, dining, wellness, events, and unique leisure experiences such as water sports and diving. The website reflects a professional and consistent brand presence with a focus on Mediterranean coastal tourism. The technical infrastructure is based on WordPress with modern plugins and tracking tools, providing a good user experience and mobile optimization. Security posture is strong with HTTPS, GDPR compliance, and no visible vulnerabilities, although some security policies and incident response information are not publicly available. Overall, the website is trustworthy and well-maintained, supporting the resort's market position as a reputable destination in Malta.

B

Boards.lv

boards.lv

41

Boards.lv is a well-established Latvian retailer specializing in extreme sports equipment and apparel, serving professionals and enthusiasts since 2001. The company operates both an online e-commerce platform and a physical store, offering a wide range of products including skateboards, snowboards, surfing gear, and related accessories. The website is professionally designed with good navigation, mobile optimization, and clear product categorization, targeting the Latvian market primarily but also offering English language support. Technically, the site uses modern JavaScript libraries and frameworks, ensuring a responsive and interactive user experience. Security posture is strong with HTTPS enforced, CSRF tokens, and cookie consent mechanisms, although some security headers could be improved. Privacy compliance is well addressed with a clear privacy policy and cookie consent modal supporting GDPR requirements. Overall, the site demonstrates a mature digital presence with a high level of trustworthiness and business credibility.

Z

Zagrebački holding d.o.o. - Podružnica AGM

agm.hr

44

AGM is a well-established Croatian retail and publishing company specializing in books and art supplies, operating both physical stores and an online webshop. Founded in 1967 and part of Zagrebački holding d.o.o., AGM targets Croatian-speaking customers including artists, students, and general book buyers. The website reflects a mature business with consistent branding and a good user experience. Technically, the site uses legacy jQuery and common libraries like Google Analytics and Google Maps API, with moderate performance and mobile optimization. Security posture is adequate with HTTPS and secure login forms, but could be improved by updating outdated libraries and adding security headers. Privacy and cookie policies are present and GDPR compliant, with clear contact information. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

N

Nagoya International Exhibition Hall

portmesse.com

44

Nagoya International Exhibition Hall (ポートメッセなごや) operates as a major international exhibition and event venue located in Nagoya, Japan. The facility caters to a broad range of events including seminars, business meetings, exhibitions, ceremonies, parties, incentives, concerts, and other communication spaces. It serves event organizers and visitors primarily in the hospitality and government sectors, positioning itself as a key regional player in event hosting and venue services. Technically, the website is built on WordPress 4.9.9 with a variety of plugins such as Contact Form 7 for forms, Smart Slider 3 for visual content, and FooBox for image lightbox functionality. The site uses jQuery and jQuery UI libraries and integrates Google Tag Manager for analytics and marketing. The site is mobile optimized and includes accessibility features, but the WordPress version is outdated, which may pose security risks. From a security perspective, the site enforces HTTPS and uses Google Tag Manager and reCAPTCHA on forms, but lacks comprehensive security headers and runs an outdated CMS version. No explicit security or incident response policies are published. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism detected. Overall, the website is professional and trustworthy with good business credibility and content quality. However, security and privacy compliance could be improved by updating software, adding security headers, and implementing cookie consent mechanisms.

L

Latvijas dzelzceļa vēstures muzejs

railwaymuseum.lv

57

The Latvijas dzelzceļa vēstures muzejs (Latvian Railway Museum) is a cultural institution dedicated to preserving and presenting the history of railways in Latvia. It operates as a small-sized non-profit entity affiliated with the Latvian Railways group, offering museum exhibitions, educational programs, guided tours, and a souvenir shop. The website is professionally designed using Drupal 7 CMS and Bootstrap, providing a responsive and user-friendly experience primarily in Latvian with English language support. The museum targets general visitors, railway enthusiasts, students, and event organizers, positioning itself as a leading railway heritage institution in Latvia. Technically, the website employs a mature but somewhat dated technology stack including jQuery 1.8, Drupal 7, and Bootstrap 3. It integrates Google Maps and Google Analytics for enhanced user experience and analytics. Performance is moderate with good mobile optimization and basic accessibility features. The site uses HTTPS with no detected WAF or blocking mechanisms, ensuring secure access. From a security perspective, the site demonstrates good practices such as cookie consent compliance and no visible vulnerabilities or exposed sensitive data. However, it lacks advanced security headers and uses an older jQuery version, which could be improved. Privacy compliance is strong with GDPR-aligned cookie and privacy policies. Contact information is clearly presented, though no explicit security or incident response policies are found. Overall, the website is trustworthy, professional, and compliant with privacy regulations, serving its cultural and educational mission effectively. Strategic improvements in security headers, technology updates, and explicit security policies would enhance its security posture and trustworthiness further.

L

Latvijas Nacionālā bibliotēka

digitalabiblioteka.lv

49

Digitālā bibliotēka is a Latvian National Library operated digital platform providing access to a wide range of Latvian cultural heritage digital collections including texts, images, audio, video, and objects. It serves researchers, educators, cultural professionals, and the general public with rich metadata, advanced search capabilities, and educational content. The platform is well-branded, professionally designed, and accessible with multilingual support and accessibility features. Technically, it uses a modern JavaScript stack with jQuery, DataTables, Google reCAPTCHA, and Google Tag Manager for analytics and security. Security posture is strong with HTTPS, form protections, and cookie consent mechanisms, although explicit security policies and incident response contacts are not published. Overall, the website is a trusted, authoritative source for Latvian cultural heritage digital resources.

P

Powerbox International

prbx.com

52

Powerbox International is a well-established company specializing in power supply solutions for demanding applications across industrial, medical, transportation, and defense sectors. As part of the Cosel Group, it leverages over 50 years of expertise to maintain a strong market position with a focus on technological edge and sustainability. The website reflects a professional and consistent brand image, targeting B2B customers requiring reliable power solutions. Technically, the site is built on WordPress with modern plugins and frameworks, including Yoast SEO and Cookiebot for compliance. The infrastructure supports good performance, mobile optimization, and accessibility, although hosting details are not explicitly identified. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, but could be improved by adding explicit security headers and publishing security policies. Overall, the domain registration details align well with the business claims, indicating high legitimacy and trustworthiness.

O

Omda

csamhealth.com

57

Omda AS is a Norway-based software solutions provider specializing in healthcare and emergency services software. The company offers a broad portfolio including LIMS, Medication Management, Connected Imaging, and Health Analytics, targeting CTOs, healthcare professionals, emergency response teams, government entities, patients, and researchers. Omda emphasizes regulatory compliance, owning its codebase to ensure product integrity and operational efficiency. The website reflects a mature digital presence with comprehensive content, strong branding, and active engagement through news, blogs, and social media channels. Technically, the site is built on WordPress with modern plugins and frameworks, optimized for SEO and mobile responsiveness. Security posture is solid with HTTPS, cookie consent mechanisms, and ISO 13485 certification, though explicit security headers and incident response policies could be improved. Overall, Omda presents a trustworthy and professional online presence aligned with its business objectives.

Vetoquinol is a well-established, independent family-owned company specializing in veterinary pharmaceuticals and animal health products. The company has a strong global footprint with subsidiaries and distributors in numerous countries, reflecting a mature and expansive business model. Their website provides comprehensive investor relations, career opportunities, and corporate responsibility information, targeting veterinary professionals, investors, and potential employees. Technically, the site is built on Drupal 10, uses modern analytics tools including privacy-focused Matomo Cloud, and implements cookie consent mechanisms compliant with GDPR. Security posture is strong with HTTPS enforced and appropriate security headers, though explicit security policies and incident response contacts are not publicly available. Overall, the website demonstrates high professionalism, good technical implementation, and strong business credibility, making it a trustworthy digital presence for the company.

A

AREAL

topkapi-scada.com

47

AREAL is a French software publisher specializing in industrial supervision and automation solutions, notably through its Topkapi software platform. The company serves a diverse range of sectors including energy, transport, environment, industry, and smart cities. With over 30 years of experience and certifications such as ISO/IEC 27001:2022 and Qualiopi, AREAL positions itself as a trusted partner for operational efficiency. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to enterprise clients. Technically, the site is built on Drupal 10 with modern libraries and frameworks, incorporating strong privacy and security measures such as cookie consent management and reCAPTCHA protection on forms. Security posture is robust, supported by certifications and best practices, though some security headers could be enhanced. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with GDPR requirements.

C

Copenhagen Business School

cbs.dk

56

Copenhagen Business School (CBS) is a globally recognized Nordic business school offering a wide range of educational programs including bachelor, master, PhD, and continuing education. The institution is well-positioned in the education sector with multiple international accreditations such as EQUIS, AACSB, AMBA, CEMS, and PIM, reflecting its high academic standards and global reach. The website targets students, researchers, alumni, and organizations, providing comprehensive information about programs, research, and strategic initiatives. CBS operates a professional and content-rich website built on Drupal CMS, integrating modern web technologies and analytics tools to enhance user experience and data-driven insights.

Synapse Mobile Networks S.A. is a small telecommunications software provider based in Luxembourg, established in 2003. The company specializes in network management solutions including Automatic Device Management Systems, Equipment Identity Registers, and Roaming Service Centers targeted at 3GSM/LTE operators. Their website reflects a niche B2B business model focusing on telecom operators seeking to optimize network access and roaming services. The market position is that of a specialized software vendor with a consistent brand presence but limited public-facing content and engagement features. Technically, the website uses legacy JavaScript libraries such as jQuery and jQuery UI along with a slider plugin for UI elements. The site is moderately performant with basic mobile optimization and accessibility features. However, there is no evidence of modern CMS usage or advanced SEO practices. The website lacks HTTPS information in the provided data, and no security headers or privacy-related policies are present, indicating a low maturity in security and compliance. From a security perspective, the absence of HTTPS and security headers is a significant concern, exposing users to potential risks. The lack of privacy and cookie policies also indicates non-compliance with GDPR and related regulations. No contact information or incident response channels are provided, limiting transparency and trust. Overall, the security posture is weak, and the website would benefit from implementing standard security best practices and compliance documentation. The overall risk assessment suggests moderate business credibility but low security and privacy compliance. Strategic recommendations include immediate implementation of HTTPS, publishing privacy and cookie policies, adding contact and incident response information, and improving mobile and accessibility features to enhance user trust and regulatory compliance.

Unico Consulting AB is a Swedish consultancy specializing in PLM, CAD, and PDM consulting, development, and training services since 1989. The company targets technical industries such as automotive and transportation, offering customized training and expert advisory services. Their website reflects a professional and consistent brand with good content quality and user experience. Technically, the site uses a custom CMS with jQuery and other JavaScript libraries, delivering moderate performance and good mobile optimization. Security posture is moderate but lacks visible HTTPS confirmation and security headers, and no privacy or cookie policies are published, indicating compliance gaps. Overall, the website is trustworthy with clear business information and testimonials but would benefit from improved security and privacy compliance measures.

E

EmbeddedArt Group AB

embeddedart.se

31

EmbeddedArt Group AB is a Swedish technology company specializing in embedded systems, underwater technology, and defense-related products and services. Their offerings include underwater sensors, maritime surveillance systems, IoT solutions, and system development services. The company targets defense and marine technology sectors, positioning itself as a niche provider with expertise in embedded and underwater systems. The website reflects a professional and consistent brand image with clear navigation and relevant content focused on their core competencies. Technically, the website uses a custom CMS with older but functional JavaScript libraries such as jQuery 2.1.1, integrated with Google Analytics and Google Tag Manager for tracking. The site is mobile optimized and includes a cookie consent mechanism compliant with GDPR requirements. However, there is no visible evidence of modern security headers or advanced security frameworks implemented. From a security perspective, the site does not show signs of blocking or WAF interference, and no sensitive data is exposed in the HTML. The cookie consent mechanism is robust, but the absence of explicit security policies, incident response contacts, or vulnerability disclosure pages indicates room for improvement in security transparency and readiness. Overall, EmbeddedArt's website demonstrates a moderate to good level of digital maturity with solid business credibility and privacy compliance. Strategic enhancements in security policies, modernizing technical stack, and adding vulnerability disclosure mechanisms would strengthen their security posture and trustworthiness.

K

KPA Pension

kpa.se

53

KPA Pension is a well-established Swedish pension company specializing in occupational pensions for employees within the municipal and regional sectors. The website reflects a strong market position with clear focus on providing secure, ethical, and low-fee pension services. The content is comprehensive and professionally presented, targeting Swedish public sector employees. Technically, the site uses modern web technologies including EPiServer CMS, Adobe Dynamic Tag Manager, and OneTrust for cookie consent, indicating a mature digital infrastructure. Security posture is good with HTTPS enforced and anti-CSRF tokens in forms, though additional security headers could enhance protection. Privacy compliance is robust with clear GDPR-aligned policies and consent mechanisms. Overall, the site is trustworthy and professionally managed, with clear contact information and no signs of blocking or malicious activity.

V

VillaGaiety

villagaiety.com

55

VillaGaiety is a government-operated entertainment venue management organization based on the Isle of Man, managing premier cultural sites such as the Villa Marina and Gaiety Theatre. The website serves as a comprehensive portal for event information, ticketing, venue hire, and visitor information, targeting local residents and visitors interested in arts and entertainment. The business model revolves around event hosting, ticket sales, and venue services, positioning VillaGaiety as a leading cultural institution on the island. Technically, the website employs a mature technology stack including jQuery, Google Tag Manager, Facebook Pixel, and integrates with the Ticketsolve platform for ticketing. The site is moderately performant, mobile-optimized, and includes accessibility features, though some improvements could be made. SEO practices are good with proper meta tags and structured navigation. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, but lacks explicit security headers and documented security policies. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is well addressed with clear privacy and cookie policies, and GDPR compliance indicators are present. Overall, the website is professional, trustworthy, and well-aligned with its government affiliation. Recommendations include enhancing security headers, documenting security policies, and improving accessibility compliance to further strengthen the security posture and user experience.

The Isle of Man Post Office website serves as the official digital presence for the government postal service of the Isle of Man. It offers a comprehensive range of services including online postage, mail receiving and sending, foreign currency exchange, business mailing solutions, and retail products such as stamps and coins. The site targets both individual residents and businesses within the Isle of Man and surrounding regions, positioning itself as the primary postal and related services provider in the territory. The business model is government-operated, focusing on providing essential postal and financial services with a strong emphasis on customer convenience and digital accessibility. Technically, the website employs a modern technology stack including jQuery, the Foundation CSS framework, Google reCAPTCHA v3 for bot protection, and integrates Google Fonts and jQuery UI for enhanced user experience. The site demonstrates good mobile optimization and basic accessibility features, with a moderate performance profile. SEO practices are adequately implemented with proper meta tags and structured navigation. From a security perspective, the site uses HTTPS (implied by external Google reCAPTCHA and Google Fonts usage over HTTPS), includes CSRF tokens in forms, and implements a cookie consent mechanism compliant with GDPR. However, explicit HTTP security headers are not detected in the provided data, and no published security policy or incident response contacts are found. There are no visible vulnerabilities or exposed sensitive data. The site integrates tracking and marketing tools such as Google Analytics and Facebook Pixel, with moderate user tracking levels and good privacy compliance. Overall, the website is professionally designed, trustworthy, and well-aligned with the official government postal service branding. The domain registration data matches the website content and business claims, indicating legitimacy. Strategic recommendations include enhancing security headers, publishing a security policy, and adding a vulnerability disclosure mechanism to further strengthen security posture and user trust.

S

SIA ZZ Dats

epakalpojumi.lv

59

The website epakalpojumi. lv serves as a comprehensive e-government portal for Latvia, providing integrated electronic services that aggregate data from municipalities, state institutions, and commercial entities.

PDW Logistik GmbH operates as a logistics and delivery service provider specializing in the distribution of print media within Austria. As part of the Mediaprintkonzern, it manages the home delivery of approximately 475,000 daily print media items and supports self-service sales through dedicated devices. The website targets print media distributors, delivery partners, and customers, emphasizing recruitment of delivery partners and service information. The business model focuses on logistics services within the media sector, positioning PDW as a key player in Austrian print media distribution. Technically, the website employs a traditional Apache server with a frontend built on Bootstrap 4.5.2, jQuery, and FontAwesome Pro. While the site is mobile optimized and uses modern libraries, it lacks HTTPS support, which is a significant security and trust concern. Performance metrics are unavailable or incomplete, but the site structure and navigation are clear and professional. Privacy and cookie policies are present and GDPR compliant, with consent mechanisms implemented via Didomi. From a security perspective, the absence of a valid SSL certificate and HTTPS support critically undermines the site's security posture. No advanced security headers or vulnerability disclosure policies are present. Cookies are set with HttpOnly flags, but the lack of encryption exposes users to potential risks. The domain registration data is consistent with the business identity, indicating legitimacy, but the security gaps pose risks to user trust and data protection. Overall, PDW Logistik GmbH's website is professionally designed and content-rich but requires urgent security improvements, particularly the implementation of HTTPS and enhanced security headers. Strengthening these areas will improve user trust, compliance, and overall digital maturity.

Bharat Fritz Werner Ltd. (BFW) is a well-established Indian manufacturer specializing in Vertical Machining Centers (VMCs) and CNC machine tools, boasting over 60,000 global installations. The company targets industrial manufacturing sectors and offers an online platform for machine enquiries and purchases. The website reflects a professional and consistent brand presence with clear contact details and social media integration. Technically, the site uses a modern JavaScript and CSS stack including jQuery, Bootstrap, and FontAwesome, hosted on GoDaddy infrastructure. However, the absence of a valid SSL certificate and HTTPS significantly undermines the security posture. While forms implement CSRF tokens and OTP verification, the lack of HTTPS and security headers exposes users to risks. Privacy compliance is minimal, with no cookie consent mechanism despite cookie usage. Overall, the site is functional and business-focused but requires urgent security improvements to protect user data and enhance trust.

Nice Software B.V. operates the paranice.nl website, providing specialized software solutions for paramedical care, medical specialist rehabilitation, and geriatric rehabilitation in the Netherlands. Their offerings include electronic patient dossiers (EPD), planning, declaration management, and mobile applications tailored to healthcare providers. The company targets healthcare institutions such as hospitals, rehabilitation centers, and care organizations, positioning itself as an established player with a mature domain and active partnerships. The website content is professional, well-structured, and provides clear contact channels, supporting a positive business image. Technically, the website uses a traditional web stack with jQuery, Bootstrap, and several JavaScript libraries. Hosting and domain registration are managed by Claranet Benelux B.V., a reputable provider. However, the site lacks a valid SSL certificate and does not support HTTPS, which is a significant security and trust concern. The site implements Google Analytics and Google reCAPTCHA v3 for analytics and bot protection, and it includes GDPR-compliant privacy and cookie policies with consent mechanisms. From a security perspective, the absence of HTTPS and modern TLS protocols severely impacts the security posture. Minimal security headers and lack of DNSSEC or domain protection locks further reduce security confidence. While forms use reCAPTCHA and secure cookies, the overall security configuration is basic and requires urgent improvement to protect user data and maintain trust. Overall, the website is functional and business-appropriate but suffers from critical security shortcomings. Addressing SSL/TLS issues and enhancing security headers would significantly improve the security posture and user trust. The business appears legitimate and established, but the security gaps present risks that should be prioritized.

M

Montessori Campus Wien Hütteldorf

montessoricampus.at

30

Montessori Campus Wien Hütteldorf is an established educational institution in Vienna, Austria, providing Montessori-based education from early childhood through secondary levels, including the International Baccalaureate Diploma Programme. Founded in 1995, it targets parents seeking comprehensive Montessori education for children aged 0 to 18 years. The website offers detailed pedagogical content, program descriptions, and contact information, reflecting a strong educational focus and community engagement. Technically, the site uses standard web technologies including jQuery and CSS, but lacks modern CMS or advanced frameworks. Security posture is moderate with no visible HTTPS confirmation or security headers, and the use of an outdated jQuery version presents potential vulnerabilities. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site is professional and trustworthy but would benefit from improved security and privacy practices.

F

fortunasports

helpsole.com

38

Fortunasports is an Indonesian online sports betting platform offering live sports schedules, competitive odds, and live betting with streaming features. The website serves as a front-facing portal but heavily links to an external domain fortunasports.xyz, which likely hosts the main service. The site uses common frontend technologies such as Bootstrap and jQuery but lacks modern SEO, accessibility, and security best practices. No privacy or cookie policies are present, and no company contact information is provided, which reduces user trust and compliance with data protection regulations. Security posture is weak due to absence of HTTPS and security headers. Overall, the site appears functional but lacks professionalism and transparency, posing risks to users and limiting business credibility.

S

SIPRIN, s.r.o.

siprin.sk

46

SIPRIN, s.r.o. is a well-established Slovak subsidiary of Siemens, specializing in industrial automation, maintenance outsourcing, and technical training. Founded in 1999, the company leverages Siemens technologies to provide engineering, maintenance, and educational services primarily to industrial clients. The website reflects a mature digital presence with comprehensive service and training descriptions, clear contact channels, and strong compliance messaging. Technically, the site uses a modern tech stack including Bootstrap and jQuery, with good mobile responsiveness and user experience. Security posture is solid with HTTPS and a detailed compliance program, though some security headers could be improved. No blocking or WAF interference was detected, allowing full content access. Overall, the site projects professionalism, trustworthiness, and alignment with Siemens corporate standards.

GÜNTHER Heisskanaltechnik GmbH is a medium-sized German manufacturer specializing in hot runner and cold runner systems for injection molding applications, serving plastics and silicone processing industries globally. The company positions itself as a technology leader with over 40 years of expertise, offering innovative, energy-efficient, and reliable solutions. Their website reflects a professional and comprehensive digital presence, featuring detailed product information, technical services, and customer support including augmented reality assistance and seminars. The technical infrastructure is based on the Contao CMS with modern JavaScript libraries, providing a good user experience and mobile optimization. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though improvements are recommended in security headers and cookie consent mechanisms. Business credibility is high, supported by certifications such as ISO 9001 and ISO 14001, and consistent domain registration data. Overall, the website is trustworthy, well-maintained, and aligned with the company's business objectives.

D

Diakon

diakon.org

35

Diakon is a well-established non-profit organization founded in 1868, providing a broad range of social services including adoption, foster care, behavioral health, affordable housing, and senior services. The organization targets children, youth, families, and older adults, serving nearly 70,000 individuals annually. Their market position is strong within the non-profit social services sector, supported by a consistent brand presence and multiple service offerings. Technically, the website employs a modern tech stack including jQuery, Bootstrap, and Google Tag Manager, indicating moderate digital maturity. The site is mobile-optimized with good navigation and content relevance. Security posture is adequate with HTTPS usage and CSRF protections, but lacks explicit security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the website is professional and trustworthy, with room for improvement in security and privacy transparency.

G

Global Voices

globalvoices.org

31

Global Voices is a reputable international non-profit media organization founded in 2005, focusing on multilingual journalism, digital rights, and human rights advocacy. The website serves a global audience with rich, regularly updated content and a strong contributor network. Technically, the site is built on WordPress with modern JavaScript libraries and integrates analytics and marketing tools such as Google Tag Manager, Plausible Analytics, and Mailchimp. However, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical security gap. Privacy compliance is moderate, with a comprehensive privacy policy but no cookie consent mechanism detected. Overall, the website demonstrates excellent content quality and business credibility but requires urgent security improvements to protect user data and enhance trust.

S

s-team IT solutions GmbH

s-team.at

38

s-team IT solutions GmbH is a small Austrian IT services company based in Vienna, specializing in IT infrastructure, server maintenance, virtualization, and custom web development. Established in 2002, it serves a diverse clientele including small and large companies as well as public organizations. The website reflects a professional and consistent brand presence with clear contact information and client testimonials, indicating a trustworthy business. Technically, the site runs on Contao CMS with common JavaScript libraries but lacks a valid SSL certificate, which is a significant security concern. The absence of HTTPS exposes visitors to potential data interception risks. Security headers are well configured, but the lack of modern TLS protocols and HSTS reduces the overall security posture. Privacy compliance is partially met with a GDPR-compliant privacy policy but no cookie consent mechanism. Overall, the website is functional and professional but requires urgent security improvements to protect users and enhance trust.

D

daten-strom.Medical-IT-Services GmbH

datenstrom.net

19

daten-strom.Medical-IT-Services GmbH is a specialized small business focused on providing secure digital transformation services in the healthcare sector, including IT security, telematics, and data protection for medical and care facilities in Germany and Austria. Their website presents a professional image with comprehensive content targeting healthcare providers such as doctors, therapists, and care institutions. Technically, the site is built on the Contao CMS platform using common web technologies like jQuery and Revolution Slider, with good mobile optimization and user experience. However, the absence of HTTPS and valid SSL certificates represents a critical security vulnerability, exposing users to potential data interception risks. The website includes privacy and cookie policies with consent mechanisms, reflecting GDPR compliance efforts, but lacks explicit terms of service and security policy documentation. DNS records for the domain are missing, raising concerns about domain configuration and legitimacy. Overall, while the business content and presentation are solid, significant improvements in security infrastructure are urgently needed to protect sensitive healthcare data and enhance trust.

L

Logwin AG

logwin-logistics.com

40

Logwin AG operates an international logistics and transportation services website offering a broad range of services including sea freight, air freight, warehousing, and transport management. The company targets businesses requiring reliable logistics solutions and positions itself as a professional and dedicated provider with a worldwide network. The website is built on TYPO3 CMS and uses modern frontend technologies such as jQuery and Fancybox, providing a good user experience with clear navigation and professional design. However, the technical infrastructure shows weaknesses, notably the absence of a valid SSL certificate and lack of TLS protocol support, which significantly impacts the security posture. Security headers are partially implemented, and privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Contact information is limited to a contact form, with no explicit emails or phone numbers found. Overall, the website is functional and professional but requires urgent improvements in SSL/TLS configuration to enhance security and trust.

G

GLATZ Gruppe

glatz.at

24

GLATZ Gruppe is a medium-sized family-owned manufacturing and service business based in Austria, specializing in stamps, printing plates, and packaging management solutions. The company operates multiple subsidiaries and maintains a professional online presence with detailed contact information and active social media channels. Technically, the website is built on Contao CMS and uses modern JavaScript libraries, but suffers from critical security shortcomings such as lack of HTTPS and valid SSL certificates. Privacy compliance is well addressed with comprehensive cookie consent and privacy policies. The absence of a valid SSL certificate and missing DNS records reduce the overall trust and security posture, posing risks to user data confidentiality and site integrity. Strategic improvements in SSL deployment and DNS configuration are essential to enhance security and trust.

C

Controller Institut s.r.o.

controlling.cz

24

Controller Institut s.r.o. is a well-established Czech education provider specializing in finance and controlling training, offering seminars, certified cycles, online courses, corporate training, and mentoring. The company targets finance professionals and controllers seeking practical and certified education. The website reflects a mature business with 30 years of market presence and a strong focus on quality content and professional services. Technically, the site uses a custom CMS with popular JavaScript libraries and marketing tools but lacks modern security measures such as HTTPS, which is a critical vulnerability. The security posture is weak due to the absence of SSL/TLS and related security headers, exposing users to risks. Privacy compliance is partial, with no active cookie consent mechanism despite tracking scripts in use. Overall, the business credibility is high, supported by consistent WHOIS data and clear contact information. Strategic improvements in security and privacy compliance are recommended to enhance trust and protect users.

KAICIID is an intergovernmental organization dedicated to promoting intercultural and interreligious dialogue to foster peace globally. The website reflects a mature organization with a clear mission, targeting religious leaders, educators, and policymakers. It offers capacity building, dialogue platforms, and regional initiatives. Technically, the site is built on Drupal 10 with modern frontend libraries and hosted on Pantheon, but suffers from slow performance and lacks a valid SSL certificate, which is a critical security gap. Security headers are partially implemented, but the absence of HTTPS and modern TLS protocols significantly reduces the security posture. Privacy compliance is basic, with no cookie consent mechanisms despite tracking scripts. Contact information and social media presence are well established, supporting business credibility. Overall, the site is professional and content-rich but requires urgent security improvements.

Q

QuoVadis

quovadisglobal.com

34

QuoVadis, now a part of DigiCert, is a well-established international Certification Service Provider specializing in digital certificates, SSL/TLS, managed PKI, digital signature solutions, and root signing. The company holds strong accreditations such as WebTrust and ETSI and serves a broad clientele including top banks, e-commerce sites, and Fortune 500 companies primarily in Europe and Bermuda. Their business model focuses on providing high-assurance digital identity and security services with local compliance and disaster recovery capabilities. The website reflects a professional and consistent brand presence with comprehensive service offerings and multiple country offices.

H

Hotel Das Innsbruck GmbH & CO. KG

hotelinnsbruck.com

38

Hotel Das Innsbruck GmbH & CO. KG operates a 4-star hotel located in the historic center of Innsbruck, Austria. The business offers a range of hospitality services including accommodation, wellness and spa facilities, conference and seminar hosting, and dining options. The website is professionally designed with excellent content quality and clear navigation, targeting tourists and business travelers seeking premium lodging and event services in Innsbruck. The company has a strong market position supported by recognized certifications such as the TripAdvisor Certificate of Excellence and Gault Millau recommendations. Technically, the website uses a modern CMS (Condeon) and popular JavaScript libraries, but suffers from slow performance and lacks HTTPS, which is a critical security gap. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and clear privacy policy. Business credibility is high with transparent contact information and structured data markup.

K

Kammer für Arbeiter und Angestellte für Wien

akwien.at

40

The website akwien.at represents the Kammer für Arbeiter und Angestellte für Wien, a government-related non-profit organization advocating for workers' rights and social services in Vienna, Austria. The site offers comprehensive information and services including legal advice, consumer protection, educational resources, and digitalization funding. It targets employees and workers in Vienna, providing a rich content experience with clear navigation and strong branding. Technically, the site is built on a Gentics Portal CMS with a modern tech stack including jQuery, Bootstrap, Matomo Analytics, and Usercentrics for consent management. Hosting is provided by Anexia. While the site is mobile optimized and accessible, performance metrics indicate slow loading, and the SSL/TLS configuration is currently invalid, which is a critical security concern. Security posture is moderate with several security headers implemented, but the lack of a valid SSL certificate and disabled TLS protocols significantly reduce the security score. Privacy compliance is good, with a clear privacy policy and cookie consent mechanism in place. Business credibility is high due to consistent branding, official contact information, and alignment with WHOIS data. Overall, the site is a professional and trustworthy resource for workers in Vienna but requires urgent improvements in SSL/TLS configuration and performance optimization to enhance security and user experience.

T

TAL Aviation Group

talaviation.com

40

TAL Aviation Group is a well-established airline representation and travel services company with a global presence and a history dating back to 1987. The company offers a broad range of services including passenger and cargo GSA, airline distribution, destination marketing, tourism services, and digital marketing solutions. Their website reflects a professional and consistent brand image targeting airlines, tourism boards, and travel technology companies worldwide. Technically, the website uses a custom CMS with legacy jQuery libraries and integrates common marketing and analytics tools such as Google Analytics and Outbrain. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap that undermines user trust and data protection. Security headers are implemented but cannot compensate for the lack of encryption. Privacy compliance is addressed with a cookie consent mechanism and a privacy policy page, indicating awareness of GDPR requirements. Overall, the website is functional and credible but requires urgent security improvements to meet modern standards.

B

Brick & Patel LLP

brickpatel.com

40

Brick & Patel LLP is a small legal services firm specializing in trust and estate planning and administration, serving clients primarily in several US states including New York and Florida. The website provides basic information about the firm's services and geographic focus but lacks detailed contact information and modern web features. Technically, the site is built on an Apache server using older JavaScript libraries and Cloudfront CDN for some assets. However, the site lacks a valid SSL certificate, resulting in no HTTPS support despite security headers indicating HSTS, which undermines user trust and security. Privacy compliance is minimal with no cookie consent mechanism and only a basic privacy policy present. Business credibility is supported by a mature domain and consistent WHOIS data, but the overall digital maturity is low. Security posture is weak due to missing SSL and outdated libraries, posing risks to visitors and the firm's reputation. Strategic improvements should focus on securing the site with valid SSL, updating technology stack, and enhancing privacy and security policies to meet modern standards.

S

Sport England

sportengland.org

37

Sport England is a UK government-related non-profit organization dedicated to promoting sport and physical activity across England. The website serves as a comprehensive resource hub offering funding opportunities, research data, guidance, and campaigns to support various stakeholders including volunteers, grassroots organizers, schools, and national governing bodies. The organization is primarily funded by the National Lottery, which is prominently acknowledged on the site. The website is professionally designed with clear navigation and strong branding consistency, targeting a broad audience involved in sport and physical activity.

G

GIG Fassaden GmbH

gig.at

32

GIG Fassaden GmbH is a medium-sized Austrian company specializing in premium metal and glass facade solutions for international architecture projects. Their business model focuses on B2B services including design, engineering, prototyping, manufacturing, installation, maintenance, and renovation of building envelopes. The company maintains a strong market position with a consistent brand presence and comprehensive service offerings. Technically, the website is built on WordPress with modern libraries and plugins, optimized for SEO and mobile responsiveness. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap, exposing the site to risks and undermining user trust. Privacy policies and cookie consent mechanisms are well implemented, reflecting GDPR compliance. Overall, the site is professional and content-rich but requires urgent security improvements to meet modern standards.

M

Mobile & Wireless Forum

mwfai.org

25

The Mobile & Wireless Forum is an international association focused on mobile and wireless communications, including emerging technologies such as 5G and the Internet of Things. It operates as a membership organization providing resources, publications, events, and advocacy on key industry issues like accessibility, electromagnetic field health, SAR compliance, counterfeit devices, and e-labelling. The website serves as a hub linking to multiple related sites and social media channels, targeting companies and professionals in the telecommunications sector. Technically, the website is built on a Microsoft IIS 10.0 server using ASP.NET and ColdFusion technology. It employs common JavaScript libraries such as jQuery and jQuery UI and uses a responsive navigation plugin (SlickNav). Hosting is provided by Hostek. However, the site lacks HTTPS support and modern TLS protocols, which is a critical security shortfall. Performance metrics are not available, but the site shows basic mobile optimization and accessibility features. From a security perspective, the absence of a valid SSL certificate and HTTPS is the most significant vulnerability, severely impacting the site's security posture. Other security best practices such as HSTS, OCSP stapling, and modern cipher suites are missing. The site does implement HttpOnly and Secure flags on cookies and has a visible cookie consent mechanism aligned with GDPR compliance. No explicit security policies, incident response contacts, or vulnerability disclosure mechanisms are published. Overall, the site is functional and provides relevant content with good navigation and professional design. However, the lack of HTTPS and modern security configurations poses a risk to user data and trust. Strategic improvements in security infrastructure and transparency would enhance the site's credibility and compliance standing.

Electro Terminal GmbH & Co KG is a medium-sized Austrian manufacturer specializing in connection technology for lighting, household appliances, and electrical installations. With over 60 years of experience and recognized innovation awards, the company serves OEMs and manufacturers with development, manufacturing, and distribution of connectors and related components. The website is built on TYPO3 CMS with modern frontend libraries and includes clear business and contact information, social media presence, and compliance-related pages such as privacy and cookie policies. However, the absence of HTTPS/SSL is a critical security vulnerability that significantly impacts the site's security posture. While cookie consent mechanisms and privacy policies are in place, no explicit security policy or incident response information is found. The WHOIS data aligns well with the business claims, supporting legitimacy. Overall, the website demonstrates good content quality and business credibility but requires urgent security improvements.

MS Design GmbH is a medium-sized manufacturing company based in Tirol, Austria, specializing as a system supplier to the automotive industry. Founded in 1983, the company offers comprehensive services from design and prototyping to production start, emphasizing quality, innovation, and customer satisfaction. Their market position is supported by multiple certifications including IATF 16949 and ISO standards, reflecting a strong commitment to quality and environmental management. Technically, the website is built on TYPO3 CMS with a modern but basic technology stack including jQuery and various UI libraries. While the site is well-structured, mobile-optimized, and SEO-friendly, it lacks HTTPS support and a valid SSL certificate, which is a critical security gap. The hosting environment appears to be a Plesk-managed Apache server without advanced security configurations such as HSTS or DNSSEC. From a security perspective, the absence of HTTPS and modern TLS protocols severely impacts the site's security posture. Although some security headers are present and email obfuscation is implemented, the lack of encryption exposes users to risks. Privacy compliance is addressed with visible privacy and cookie policies and consent mechanisms, but incident response and vulnerability disclosure information are missing. Overall, the website demonstrates good business credibility and content quality but suffers from critical security shortcomings. Strategic improvements in SSL implementation and enhanced security headers are recommended to elevate trust and compliance.