Security Directory

B

BILTON LEDON Technology GmbH

biltongroup.com

40

BILTON LEDON Technology GmbH operates under the brand Better Light, specializing in high-quality LED lighting solutions manufactured in Austria. The company leverages its expertise from established LED brands BILTON and LEDON to offer a broad portfolio including LED strips, profiles, power supplies, and lighting management systems. Their market position is solidified by a mature domain and professional online presence targeting architects, industrial clients, and lighting professionals. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries and includes Google Analytics for user tracking. However, performance is slow and security headers are minimal, indicating room for improvement in technical optimization and security hardening. The SSL certificate is valid but nearing expiration, and no advanced security features like HSTS or OCSP stapling are enabled. Privacy compliance is addressed with a GDPR-compliant privacy policy and cookie consent mechanism. Overall, the site demonstrates good business credibility and trustworthiness but would benefit from enhanced security practices and performance optimization.

E

Evelyn Partners

tilney.co.uk

40

Evelyn Partners is a well-established UK-based wealth management firm offering a comprehensive range of financial planning and investment management services. The company positions itself as a leader in the UK market with significant assets under management and a broad client base including individuals, families, entrepreneurs, and professional partners. Their website reflects a mature, professional business with strong branding, clear service offerings, and multiple client engagement channels including forms and contact options. Technically, the website leverages modern JavaScript frameworks and is hosted on Microsoft Azure, with good SEO and accessibility practices. However, the security posture is weakened by an invalid SSL certificate and lack of modern TLS protocol support, which poses a critical risk to user trust and data security. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is professional and credible but requires urgent remediation of SSL issues to ensure secure client interactions.

S

SHP Harmanec, a.s.

shpgroup.eu

26

SHP Harmanec, a.s. operates a corporate website focused on paper hygiene products for household and professional use, with a history dating back to 1829. The company positions itself as a trusted regional manufacturer with a consistent brand presence and active engagement through social media and newsletters. The website is built on WordPress with modern front-end technologies such as Bootstrap and jQuery, supported by SEO tools like Yoast and analytics via Google Analytics and Tag Manager. However, the absence of HTTPS/SSL is a critical security gap that exposes users to risks and undermines trust. Privacy and cookie policies are well implemented with GDPR compliance and consent mechanisms. Contact information is clearly presented, including phone numbers, physical address, and contact forms. Overall, the site demonstrates good content quality and business credibility but requires urgent security improvements.

M

Mi Envío Entidad de Pago, S.L.

fonmoney.com

40

Fonmoney is an online financial services platform specializing in international money transfers and mobile top-ups. The company operates under Mi Envío Entidad de Pago, S.L., a subsidiary of Transpaygo Limited, and is regulated by the FCA and registered with the Bank of Spain. The platform targets individuals and families seeking fast, easy, and secure ways to send money or mobile credit internationally, with a presence in multiple countries through localized subdomains. Technically, the website uses the nopCommerce platform, integrates common marketing and analytics tools such as Google Analytics and Sendinblue, and is hosted behind Cloudflare. While the site offers good content quality, mobile optimization, and SEO practices, its performance is slow and accessibility features are basic. Critically, the site lacks a valid SSL certificate, resulting in no HTTPS protection, which is a major security concern. From a security perspective, the absence of HTTPS and security headers significantly lowers the security posture. No explicit security or incident response policies are published, and no direct contact emails or phone numbers are provided, limiting transparency. However, the site includes cookie consent with an opt-in mechanism and privacy policies indicating GDPR compliance. Overall, Fonmoney presents a moderately credible and professional financial service with strong regulatory backing but suffers from critical security implementation gaps. Immediate remediation of SSL issues and enhancement of security policies are recommended to improve trust and compliance.

1

188BET

essentrapackaging.com

34

188BET is an established online gambling platform targeting the Indonesian market, offering live casino, sportsbook, and slot games. The website presents professional content and branding consistent with a large-scale gambling business, including sponsorships and multiple payment options. Technically, the site is built on WordPress with common SEO and performance plugins but lacks HTTPS, which severely impacts security posture. The absence of privacy and cookie consent mechanisms further reduces compliance maturity. The domain is very young and expiring soon, which conflicts with the claimed founding year of 2006, raising some concerns about domain history or rebranding. Overall, the site is functional and content-rich but requires significant security and compliance improvements.

L

Lionbridge

lionbridge.com

40

Lionbridge is a mature, enterprise-level global language services provider specializing in translation, localization, AI data services, and content creation for diverse industries including technology, healthcare, finance, and e-commerce. The company leverages advanced AI and automation tools to deliver multilingual content solutions, positioning itself as a leader in the digital-first economy. The website reflects a strong brand presence with excellent content quality, comprehensive service offerings, and a global reach supported by multiple language options and localized content. Technically, the website is built on Adobe Experience Manager with integrations of modern marketing and analytics technologies such as Marketo, OneTrust, Vidyard, and Google Analytics. The site is mobile optimized and SEO friendly, with good accessibility features. However, the SSL/TLS configuration is currently broken, lacking a valid certificate and modern TLS protocol support, which significantly impacts the security posture. Security-wise, the site implements strong security headers and content security policies but suffers from critical SSL issues that must be addressed to ensure secure communications. Privacy compliance is well handled with clear cookie consent mechanisms and a comprehensive privacy policy. Business credibility is high, supported by long domain age, strong WHOIS data consistency, ISO certifications, and visible trust indicators such as customer testimonials and case studies. Overall, Lionbridge presents a professional and trustworthy digital presence with advanced technological adoption but requires urgent remediation of SSL/TLS issues to maintain security standards and user trust.

I

Identity Protection Service

impactory.org

31

The website impactory.org represents a digital presence with minimal visible content and lacks explicit business descriptions or contact information. The domain is registered to 'Identity Protection Service' in Great Britain and has a mature registration age of 6 years, indicating a stable domain ownership. The site uses common marketing and analytics technologies such as Google Tag Manager, Google Analytics, Stripe.js for payments, and Drift for live chat, suggesting some level of digital maturity. However, the absence of visible business content, privacy policies, and contact details limits the site's transparency and user trust. Technically, the site is served via Apache but lacks a valid SSL/TLS certificate, resulting in no HTTPS support. This is a critical security deficiency that severely impacts the site's security posture and user trust. The HTTP headers do not include modern security headers, and no DNSSEC or domain protection mechanisms are enabled, which further reduces the security robustness. Performance metrics are unavailable, but the lack of optimization and minimal content suggest a slow and basic user experience. From a security perspective, the absence of HTTPS and security headers exposes users to risks such as data interception and man-in-the-middle attacks. No privacy or cookie policies are present, indicating poor compliance with GDPR and other privacy regulations. No incident response or vulnerability disclosure information is available, which is a concern for security transparency. The domain WHOIS data is consistent and legitimate but lacks protective measures like domain locks or DNSSEC. Overall, the website's risk profile is elevated due to critical security gaps and lack of transparency. Strategic recommendations include immediate implementation of HTTPS with a valid SSL certificate, addition of privacy and cookie policies to comply with regulations, enhancement of security headers, and publication of contact and security incident response information to improve trust and compliance.

I

IKG Group AB

ikg.se

19

IKG Group AB is a mature Swedish technical consulting company specializing in engineering services for product development firms. With over 28 years of domain age and a presence in ten Swedish cities, the company offers a broad range of engineering disciplines including software development, mechanics, IT systems, electrical construction, and project management. The website reflects a professional business with consistent branding and a clear focus on technical consulting services. Technically, the site uses an older jQuery-based stack combined with modern analytics tools like Google Analytics and Tag Manager. However, the website suffers from significant security shortcomings, notably the absence of HTTPS and a valid SSL certificate, which exposes visitors to risks and reduces trust. Privacy compliance is basic, with a cookie consent banner present but no visible privacy policy or terms of service. The business information is clear and consistent with WHOIS data, supporting legitimacy. Overall, the site is functional but requires urgent security improvements to protect users and enhance credibility.

M

MIT

marmit.co.za

23

MIT is a specialized manufacturer and supplier of professional and calibrated light and UV meters in Africa, with a strong market position as the only manufacturer of such instruments on the continent. They also provide custom solutions for radiation measurement and imaging sourced from global manufacturers, including the Goldilux series of light meters and Tissuegnostics products. The website is built on WordPress with Elementor and includes detailed product information, staff profiles, and partner testimonials, indicating a professional digital presence. However, the lack of HTTPS and security headers represents a significant security risk. The site uses Google Analytics for user tracking but lacks comprehensive privacy and cookie policies, which may impact compliance. Overall, the business appears credible and focused on niche industrial and scientific markets in South Africa, but improvements in security and privacy compliance are recommended.

D

dm drogerie markt

dm-drogeriemarkt.at

40

dm drogerie markt is a leading retail company in Austria specializing in drugstore products with a strong online presence. The website serves as a platform for product search, store availability, and customer engagement, targeting Austrian consumers. The technical infrastructure leverages modern JavaScript frameworks and integrates multiple third-party services for analytics, marketing, and user consent management. However, the website currently lacks a valid SSL/TLS certificate, resulting in no HTTPS support, which is a critical security concern. Security headers are well implemented, but the absence of HTTPS severely impacts the overall security posture. Privacy compliance is minimal with no detected privacy or cookie policies in the provided content. Business credibility is strong given the consistent domain registration and professional website design.

MBM Intellectual Property Law LLP is a Canadian intellectual property law firm providing services such as patents, trademarks, copyright protection, and litigation. The firm targets Canadian and international clients and operates multiple offices across Canada. The website content reflects a professional legal service provider with a moderate market position in the IP law sector. Technically, the website is built on outdated Joomla 1.7 CMS and PHP 5.5.9, lacks HTTPS encryption, and shows no evidence of modern security or privacy compliance practices. Security posture is weak due to missing SSL, outdated software, and lack of security headers. Privacy compliance is poor with no visible privacy or cookie policies. Overall, the website presents moderate business credibility but requires urgent technical and security improvements to protect client data and enhance trust.

THQ Nordic GmbH is a global video game publisher and developer founded in 2011, operating primarily in the media industry with a focus on video game publishing, development, and sales. The company maintains a strong market position with multiple subsidiaries and a broad portfolio of game titles, targeting gamers, content creators, and trade partners. The website reflects a professional business model with clear navigation, consistent branding, and a comprehensive online presence including an online store and limited print runs. Technically, the site is built on Drupal 9 with modern front-end libraries and integrates Google Analytics for user tracking. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the security posture. Security headers are present but insufficient to compensate for the lack of encryption. Privacy compliance is well addressed with a cookie consent mechanism and clear privacy and terms of service pages. The WHOIS data confirms the legitimacy and consistency of the domain registration with the business claims. Overall, the website is functional and professional but requires urgent security improvements to protect user data and enhance trust.

L

Linz Center of Mechatronics GmbH

lcm.at

29

Linz Center of Mechatronics GmbH (LCM) is a medium-sized Austrian research and development service provider specializing in mechatronics and manufacturing technologies. The company supports medium and large enterprises in sectors such as machinery, automotive, and medical technology by integrating scientific research into practical, economically viable solutions. Their services include integrated hydraulic and electrical drive systems, vibration technology, Industrial IoT, measurement services, and transformation consulting. The website is professionally designed, multilingual, and targets industrial clients seeking innovation and sustainability improvements. Technically, the site runs on WordPress with the Divi theme and includes modern SEO and multilingual plugins, but suffers from slow load times and lacks a valid SSL certificate, which impacts security posture. Security measures include GDPR-compliant cookie consent and captcha-protected contact forms, but the absence of HTTPS and security headers are critical vulnerabilities. Overall, LCM presents a credible and professional digital presence aligned with its business objectives, but should urgently address SSL and security header issues to improve trust and compliance.

E

EBOS Healthcare

eboshealthcare.com.au

21

EBOS Healthcare Australia operates as a leading distributor of medical supplies and equipment targeting primary care, aged care, and hospital sectors within Australia. The website presents a comprehensive catalog of healthcare products and maintains a professional online presence with consistent branding and detailed business descriptions. The company leverages modern marketing and analytics tools including Google Analytics, Google Tag Manager, Marketo, and Application Insights, indicating a mature digital marketing strategy. However, the technical infrastructure shows critical security shortcomings, notably the absence of a valid SSL certificate and HTTPS support, which severely impacts the site's security posture and user trust. The lack of security headers and cookie consent mechanisms further exposes the site to potential risks and compliance issues. Overall, while the business model and content quality are strong, the security vulnerabilities present significant risks that should be addressed promptly to protect user data and maintain regulatory compliance.

W

WunderLand Group

wunderlandgroup.com

37

WunderLand Group is a mature, medium-sized staffing solutions firm specializing in digital, creative, and marketing workforce services. The company offers a broad range of expertise including UX design, content editing, front-end development, and project management. Their market position is supported by strong client and consultant testimonials and industry awards such as the Best of Staffing®. Technically, the website is built on WordPress with Elementor and uses a variety of modern JavaScript libraries and marketing tools, hosted on WP Engine with Cloudflare CDN. However, the absence of a valid SSL certificate and HTTPS severely impacts the security posture, exposing users to risks and undermining trust. Privacy compliance is partially addressed with a cookie consent mechanism, but GDPR compliance is not clearly demonstrated. Overall, the business credibility is solid, but the security weaknesses require urgent remediation.

7

7LYTIX GMBH

7lytix.com

40

7LYTIX GMBH is a mature Austrian AI software company specializing in Action Intelligence solutions that optimize business processes such as predictive maintenance, supply chain management, and intelligent personalization. Recently acquired by the KEBA Group, 7LYTIX targets medium to large enterprises in manufacturing, retail, logistics, finance, and media sectors. The website reflects a professional and consistent brand presence with clear business information and customer trust indicators. Technically, the site uses modern JavaScript libraries and frameworks like Bootstrap and jQuery, with analytics implemented via Google Analytics and Matomo. However, the site lacks a valid SSL certificate and proper HTTPS configuration, which significantly impacts its security posture. Privacy and cookie policies are present but basic, and no explicit security or incident response policies are found on the site. Overall, the business credibility is strong, but the security configuration requires urgent improvement to protect user data and maintain trust.

D

Danube Shipping Management Service GmbH

dsms.at

23

Danube Shipping Management Service GmbH is a medium-sized logistics and shipping management company based in Vienna, Austria, established in 1991. The company ranks among the top 50 logistics providers in Austria and offers key services including transport, agency, and port management. Their business model focuses on providing comprehensive logistics solutions to industrial clients such as Voestalpine and HBIS. The website reflects a professional business presence with clear branding and relevant content targeted at business customers in the transportation sector. Technically, the website is built on WordPress and uses common web technologies such as jQuery, Google Analytics, and Yoast SEO for optimization. However, the site suffers from slow load times and lacks modern security configurations. The absence of a valid SSL certificate and HTTPS support is a critical vulnerability, exposing users to potential data interception risks. The site also lacks cookie consent mechanisms and comprehensive privacy compliance features, which may pose regulatory risks under GDPR. From a security perspective, the website has significant weaknesses including no HTTPS, no security headers, and no incident response or vulnerability disclosure information. While the company holds recognized certifications such as ISO 9001:2015 and FIATA, the digital security posture is weak and requires urgent improvements to protect business and customer data. Overall, the website demonstrates moderate business credibility and content quality but is hindered by poor security practices and compliance gaps. Strategic recommendations include immediate SSL implementation, enhanced privacy compliance, and adoption of security best practices to improve trust and reduce risk.

G

Geiger.com

geiger.com

40

Geiger.com is a large, family-owned US-based distributor specializing in promotional products, corporate gifts, and imprinted apparel. The company positions itself as the largest family-owned promotional product distributor in the US, serving a broad business audience with a comprehensive product catalog and services including custom products, kitting, corporate programs, and expos. The website reflects a mature digital presence with extensive product categories, client brand logos, and active social media engagement. Technically, the website uses modern JavaScript frameworks such as Vue.js and Bootstrap 5, hosted likely on AWS infrastructure. Marketing and analytics tools include Google Tag Manager, Google Analytics, Osano CMP for consent management, Filestack for file handling, and Searchspring for search functionality. The site is mobile-optimized and accessible with good SEO practices, though performance metrics indicate slow loading. From a security perspective, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical vulnerability. While some security headers are present, key TLS protocols and best practices like HSTS, OCSP stapling, and session resumption are not enabled. No incident response or vulnerability disclosure policies are found. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism detected. Overall, the site is professionally designed and credible from a business standpoint but requires urgent security improvements to protect user data and enhance trust. Strategic recommendations include immediate SSL/TLS deployment, enabling modern security headers and protocols, implementing cookie consent, and publishing incident response information.

L

LVA GmbH

lva-gmbh.at

37

LVA GmbH is a well-established Austrian company specializing in food safety, quality control, certification, and training services primarily targeting the food, cosmetics, pharmaceutical, and supplement industries. Founded in 1926, it holds a strong market position as a leading competence center in the Central and Eastern European region, serving clients in over 80 countries. The company offers a comprehensive portfolio including laboratory analyses, expert assessments, inspections, research, and educational seminars. Technically, the website is built on WordPress with modern SEO and cookie consent tools, but lacks a valid SSL certificate, which impacts security and user trust. The security posture is basic with no HTTPS, no HSTS, and missing advanced security headers, exposing the site to potential risks. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the website is professional and content-rich but requires urgent security improvements to align with best practices.

sprungbrett.at is an Austrian job platform focused on connecting job seekers with employment opportunities primarily in commercial and technical sectors. The website offers job listings, initiative application options, and personnel search services for companies. It targets job seekers in Austria and positions itself as a regional recruitment service with a professional and user-friendly interface. Technically, the site uses a Contao CMS backend with PHP 7.4 and nginx server, integrating common web technologies such as jQuery, Google Analytics, Google Maps API, and ShareThis for social sharing. However, the site lacks a valid SSL certificate, serving content over HTTP only, which significantly impacts its security posture. Security headers are present but undermined by the absence of HTTPS. Privacy compliance is weak, with no visible privacy or cookie policies. Contact information is clearly provided, including email, phone, and physical address, enhancing business credibility. Overall, the site is functional and professional but requires urgent security and compliance improvements.

C

Chrisanne Clover

chrisanne.com

38

Chrisanne Clover operates a professional e-commerce platform specializing in premium dancewear, including competition couture, practice wear, fabrics, and crystals. The company targets dancers and dance enthusiasts, offering bespoke couture services and a wide product range. The website is built on Magento and hosted behind Cloudflare, leveraging modern marketing and analytics tools such as Google Analytics, Google Tag Manager, and Cookiebot for privacy compliance. However, the site lacks a valid SSL certificate and does not support modern TLS protocols, which significantly weakens its security posture. Privacy policies and cookie consent mechanisms are well implemented, supporting GDPR compliance. Overall, the business presents itself as a reputable and established player in the dancewear retail sector, but urgent improvements in security infrastructure are recommended to protect customer data and enhance trust.

G

GS1 Austria

gs1.at

40

GS1 Austria is a well-established non-profit organization serving as the official barcode and GTIN issuing authority in Austria. It provides a comprehensive suite of GS1 standards and services to businesses across multiple sectors including retail, manufacturing, transportation, and government. The website reflects a mature digital presence with excellent content quality, clear navigation, and strong branding supported by major corporate clients. Technically, the site is built on Drupal 10 with modern JavaScript libraries and integrates Google analytics and marketing tools, but suffers from a critical lack of HTTPS support due to an invalid or missing SSL certificate, which significantly impacts its security posture. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. Contact information is primarily via contact forms, with no direct emails or phone numbers publicly listed. Overall, the site is professional and trustworthy but urgently needs to address its SSL/TLS configuration to improve security and user trust.

M

MWS

mws.eu

21

MWS is an international market leader specializing in aluminum casting technologies including sand casting, permanent mold casting, and low-pressure casting. The company offers comprehensive services from development and prototyping to series production and mechanical processing, targeting industrial sectors such as automotive, electromobility, and transportation. The website is built on Concrete CMS and employs standard web technologies with Google Analytics for user tracking. However, the absence of a valid SSL certificate and HTTPS support represents a critical security vulnerability that undermines user trust and data protection. Privacy and cookie policies are well implemented and GDPR compliant, but no explicit terms of service or security policies are present. Overall, the site presents professional content and clear navigation but requires urgent security improvements.

B

BoehlerBrothers GmbH

boehlerbrothers.com

51

BoehlerBrothers GmbH is a small technology company based in Vorarlberg, Austria, specializing in app and web development, technology consulting, and artificial intelligence solutions. The company positions itself as a regional innovator with a strong focus on digital transformation and partnerships with reputable local and regional businesses. Their website reflects a professional and modern digital presence built on Next.js and React technologies, hosted via Cloudflare, and integrates marketing and feedback tools such as Google Analytics and Gleap. However, the site suffers from a critical security deficiency due to the absence of a valid SSL certificate, resulting in no HTTPS support and lack of security headers, which significantly impacts the security posture and user trust. Privacy compliance is partially addressed with a privacy policy present, but no cookie consent mechanism is evident. Contact information is clearly provided, enhancing business credibility. Overall, the website is content-rich and professionally designed but requires urgent security improvements to meet modern standards.

I

Innconcepts IT GmbH

innconcepts.at

40

Innconcepts IT GmbH is a specialized Oracle Partner providing innovative hospitality software solutions tailored for hotels, gastronomy, and wellness sectors. Their offerings include cloud-based hotel and restaurant management software, wellness and leisure software, and comprehensive hospitality IT services. The company positions itself as a customer-centric and authentic partner, emphasizing personalized service and modern technology adoption. The website reflects a professional and consistent brand image with excellent content quality and clear messaging targeting hospitality industry professionals. Technically, the website is built on Drupal 10 CMS, hosted on Apache servers with modern JavaScript libraries such as Alpine.js and AOS for animations. It employs Google Tag Manager and Google Analytics for tracking and marketing purposes, alongside a compliant cookie consent mechanism. Performance is fast, mobile optimization is excellent, and SEO practices are good. Security headers are present, and the SSL certificate is valid, although HSTS is not enabled, which is a recommended improvement. From a security perspective, the site demonstrates good baseline security practices with no detected vulnerabilities or exposed sensitive data. However, the absence of a dedicated security policy or incident response contact and lack of security.txt file indicates room for maturity improvement. Privacy compliance is well addressed with cookie consent and a privacy policy, but terms of service and data protection officer contact details are missing. Overall, the website and business present a trustworthy and professional front with moderate to high security posture and good privacy compliance. Strategic recommendations include enabling HSTS, publishing a security policy and vulnerability disclosure mechanism, and enhancing transparency around incident response to further strengthen trust and security culture.

dormakaba Holding is a globally recognized leader in smart and secure access solutions, providing a comprehensive range of products and services for secure access to buildings and rooms. The company operates internationally with a strong presence in multiple countries and serves diverse markets including security, technology, and manufacturing sectors. The website reflects a mature, well-established business with a clear focus on innovation, sustainability, and customer engagement. Technically, the site leverages modern frameworks such as Vue.js and Contentful CMS, ensuring a responsive and user-friendly experience across devices. Security measures are robust with multiple security headers and a comprehensive content security policy, although the SSL certificate is currently invalid, which is a critical issue that needs immediate attention. Privacy compliance is well addressed with clear privacy and cookie policies, including consent mechanisms. Overall, dormakaba demonstrates a strong security posture and business credibility, supported by transparent investor relations and active communication channels.

D

d:code:it Ltd

dcodeit.com

38

d:code:it Ltd is a digital design and development studio specializing in transforming enterprises, particularly in the financial services sector. The company targets global banks and enterprises, offering innovative financial solutions, trading applications, and management consulting services. Their market position is that of a niche, specialized provider with a strong focus on complex UI and fintech applications. The website reflects a professional and consistent brand image with detailed leadership information and a comprehensive privacy policy demonstrating GDPR compliance. Technically, the website is hosted on AWS infrastructure using Amazon S3 and CloudFront CDN, with modern JavaScript and SVG animations enhancing user experience. However, the site suffers from an invalid SSL certificate and lack of modern TLS protocols, which significantly impacts its security posture. Privacy compliance is well addressed in the policy, but no explicit cookie consent mechanism is present. Overall, the site is functional and professional but requires urgent security improvements to ensure trust and compliance.

P

PennWhite

pennwhite.co.uk

38

PennWhite is a mature, medium-sized global manufacturer specializing in foam control agents and chemical solutions, operating as a subsidiary of Manali Petrochemicals Limited. The company serves a broad industrial audience with over 35 years of experience and a presence in 40+ countries. The website is a modern Angular-based single-page application hosted on AWS infrastructure, demonstrating a good level of digital maturity with responsive design and professional branding. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security gap that undermines user trust and data protection. Privacy compliance is basic, with no cookie consent mechanism or explicit GDPR adherence visible. The company shows trustworthiness through certifications and corporate affiliations but should urgently address security shortcomings to improve its posture and compliance.

ZEGNA.com is the official online store for the luxury menswear brand ZEGNA, targeting discerning male customers seeking high-end designer clothing and accessories. The website offers a comprehensive product catalog with a strong focus on user experience, supported by modern web technologies such as Vue.js and Akamai CDN for performance and scalability. The site integrates multiple marketing and analytics tools to optimize customer engagement and business intelligence. However, a critical security gap exists due to the absence of a valid SSL certificate, which undermines the security posture and trustworthiness of the platform. Legal and privacy policies are well documented and accessible, indicating good compliance with GDPR and related regulations. Overall, the site presents a professional and trustworthy e-commerce experience but requires urgent remediation of its SSL/TLS configuration to meet modern security standards.

P

Pacific National

pacificnational.com.au

37

Pacific National is Australia's largest private rail freight operator, providing comprehensive rail logistics services across the country. The company emphasizes safety, customer service, and operational excellence, serving a broad range of industries with extensive rail assets including locomotives and wagons. Their market position is strong as a trusted logistics partner with a large customer base and national presence. Technically, the website is built on WordPress hosted on WP Engine with Cloudflare CDN, utilizing common web technologies such as jQuery, Bootstrap, and Owl Carousel. The site is moderately optimized for performance and mobile responsiveness, with good SEO practices and structured data implemented for enhanced search visibility. From a security perspective, the site currently lacks a valid SSL certificate and does not support HTTPS, which is a critical vulnerability. Security headers are minimal, and advanced protections like HSTS and OCSP stapling are not enabled. While some security best practices like HttpOnly and Secure cookie flags are set, the overall security posture is weak and requires urgent improvement. Overall, the website is professional and content-rich but suffers from significant security shortcomings that impact user trust and compliance. Strategic improvements in SSL/TLS deployment and privacy compliance mechanisms are recommended to enhance security and regulatory adherence.

E

ERRP | Expired Registration Recovery Policy

pressel.com

35

The website pressel.com currently serves as a placeholder page indicating that the domain registration has expired and is pending renewal or deletion. It provides multilingual notices about the Expired Registration Recovery Policy but does not offer active business services or detailed company information. The site uses minimal technical infrastructure, including an nginx server and Google Analytics for tracking, but lacks modern security features such as HTTPS, SSL certificates, and DNSSEC. The absence of contact information, privacy compliance mechanisms, and security policies indicates a low level of digital maturity and business readiness. Overall, the site is not operational for business purposes and presents significant security and compliance gaps.

L

lemonconsulting

lemonconsulting.es

25

Lemon Consulting is a Spanish strategic consulting company specializing in credit insurance, health insurance, and business innovation consulting. The company targets businesses seeking to improve their overall results and risk management. The website presents a professional and consistent brand image with clear service offerings and contact information. Technically, the site is built on WordPress with Elementor and uses modern web technologies and plugins for SEO, accessibility, and GDPR compliance. However, the absence of a valid SSL certificate and HTTPS significantly impacts the security posture. The site employs Google Analytics and cookie consent mechanisms aligned with GDPR. Security policies and incident response information are not publicly available, which could be improved to enhance trust. Overall, Lemon Consulting appears to be a legitimate small business with a moderate digital maturity level but requires urgent improvements in SSL/TLS security to protect user data and improve trust.

C

Clarivate

unycom.com

33

Clarivate's Unycom website presents a comprehensive corporate IP lifecycle management software solution targeted at mid-size to global corporations. The site is professionally designed with rich content, clear navigation, and extensive integration of analytics and marketing tools, reflecting a mature digital presence. However, the absence of a valid SSL certificate and HTTPS support is a critical security vulnerability that undermines user trust and data protection. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. The WHOIS data confirms domain legitimacy and corporate ownership, reinforcing business credibility. Overall, the site demonstrates strong business positioning and technical maturity but requires urgent security improvements to meet modern standards.

W

Wittur Group

wittur.com

40

Wittur Group operates as a leading global supplier of elevator components, offering a broad portfolio including doors, cars, drives, safety devices, and modernization solutions. The company targets elevator manufacturers, suppliers, and service providers, positioning itself as a trusted B2B partner in the transportation sector. Their website reflects a mature digital presence with comprehensive product information, customer service tools, and compliance documentation. Technically, the site uses a modern tech stack including jQuery, Bootstrap, and analytics platforms like Google Analytics and Matomo. However, the absence of a valid SSL certificate and lack of security headers represent significant security weaknesses that could impact user trust and data protection. Privacy compliance is well addressed with clear cookie consent mechanisms and GDPR-aligned policies. Overall, the website is professional and content-rich but requires urgent security improvements to meet industry best practices.

L

Leviton Manufacturing Co., Inc.

brand-rex.com

40

Leviton Manufacturing Co., Inc. operates a comprehensive and professionally designed website offering a wide range of electrical and lighting control products targeting residential, commercial, and industrial markets. The company positions itself as a leader in home electrical safety with over 115 years of history, providing products such as lighting controls, wiring devices, networking solutions, electric vehicle charging, and submetering. The website demonstrates a mature digital presence with extensive product catalogs, market segmentation, and partner integrations. Technically, the site is built on Adobe Experience Manager with modern marketing and analytics tools integrated, ensuring good user experience and SEO. However, a critical security gap exists due to the absence of a valid SSL certificate and disabled TLS protocols, significantly impacting the security posture. Privacy and cookie policies are well implemented with consent mechanisms, reflecting good compliance practices. Overall, the site is trustworthy and professional but requires urgent security improvements to protect user data and maintain credibility.

M

M.Tech Products Pte Ltd

mtechpro.com

40

M.Tech Products Pte Ltd is a leading distributor and solutions provider specializing in cyber security and network performance solutions across the Asia-Pacific region. The company maintains a strong market position with presence in 14 countries, 24 offices, and a reseller network exceeding 2,000 partners. Their business model focuses on partnering with market-leading vendors to deliver integrated security and network performance management solutions, complemented by professional services and training offerings. The website reflects a professional and consistent brand image with good content quality and clear navigation tailored for their target audience of enterprises and resellers. Technically, the website is built on WordPress using common libraries such as jQuery and Owl Carousel, with Gravity Forms for data collection. While the site is mobile optimized and SEO friendly, performance appears slow based on provided data. Critically, the site lacks a valid SSL certificate and proper HTTPS configuration despite having security headers like HSTS, which severely impacts its security posture. Analytics usage is moderate with Google Analytics implemented, but no cookie consent mechanism or explicit cookie policy was found. From a security perspective, the site demonstrates basic best practices through HTTP security headers but suffers from the absence of HTTPS and modern TLS protocols, exposing users to potential risks. No incident response or vulnerability disclosure information is available, and no security certifications are displayed. The domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness. Overall, the website is functional and professional but requires urgent security improvements, especially regarding SSL/TLS implementation, to protect user data and enhance trust. Privacy compliance is partially met with a comprehensive privacy policy but lacks cookie consent mechanisms. Strategic recommendations include securing the website with valid certificates, enabling modern security protocols, and enhancing privacy and incident response disclosures.

T

TRIAX

triax.com

30

TRIAX is a UK-based manufacturer and distributor specializing in multimedia equipment for the trade sector, focusing on signal reception, TV distribution, and IP network solutions primarily for the hospitality and telecommunications industries. The company has a strong market presence with over 75 years of history and a wide distributor network. Their website is built on WordPress with WooCommerce, leveraging modern themes and plugins such as Divi and Yoast SEO to provide a professional and user-friendly experience. Despite the comprehensive content and good privacy compliance, the absence of a valid SSL/TLS certificate is a critical security gap that exposes users to potential risks. The site includes active cookie consent mechanisms and detailed privacy policies, reflecting a commitment to GDPR compliance. Overall, the business demonstrates solid digital maturity but requires urgent security improvements to protect user data and enhance trust.

S

SIGNA

signa.at

26

SIGNA is a well-established international holding company founded in 2000, operating primarily in the real estate and retail sectors. The website presents a bilingual (German and English) overview of the business, highlighting its core subsidiaries and business areas. The company targets investors and industry stakeholders with a professional and consistent brand presence. Technically, the website is built on WordPress with modern plugins and tools such as Google Analytics and Complianz for GDPR compliance. However, a critical security weakness is the absence of a valid SSL certificate, resulting in no HTTPS protection, which significantly impacts the site's security posture. Privacy compliance is well addressed with clear cookie consent mechanisms and a privacy policy. No direct contact information or security policies are publicly available, which could limit user trust and incident response readiness. Overall, the site is functional and professional but requires urgent security improvements.

P

Pixelcoma

pixelcoma.at

23

Pixelcoma is a small photography business based in Vienna, Austria, specializing in food photography, artist portraits, business portraits, workshops, and studio rentals. The website is built on WordPress with WooCommerce for e-commerce functionality and integrates common marketing and analytics tools such as Google Analytics and Mailchimp. The business targets local clients in the media and creative sectors, offering diversified services including an online shop and newsletter subscriptions. Technically, the website uses standard WordPress plugins and themes but lacks a valid SSL certificate, which significantly impacts its security posture. The absence of HTTPS exposes users to potential data interception risks, and no advanced security headers or mechanisms are implemented. Privacy compliance is partially addressed with a privacy policy and terms of service, but no cookie consent mechanism is present despite the use of tracking scripts. Overall, the website presents a professional design and good user experience but requires urgent security improvements to protect user data and enhance trust.

plenum AG Management Consulting is a well-established German management consulting firm specializing in transformation advisory services primarily for the finance, insurance, and energy sectors. With over 35 years of experience, the company holds a strong market position supported by industry awards and a professional digital presence. The website reflects a mature digital infrastructure built on TYPO3 CMS, featuring comprehensive content, clear navigation, and multi-channel engagement including social media and newsletters. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, exposing the site to risks and undermining user trust. Privacy policies and cookie consent mechanisms are well implemented, aligning with GDPR requirements. Overall, the business demonstrates high credibility and professionalism but must urgently address its HTTPS deficiency to improve security posture and user confidence.

E

Eton Institute

etoninstitute.com

30

Eton Institute is a well-established language school based in the UAE, recognized as the only EAQUALS-accredited language school in the region. It offers a wide range of language courses, special programs, exam preparation, teacher training, and corporate training services. The website targets individuals and corporate clients seeking language education with flexible learning options including in-person and online classes. The business has a strong market position supported by 19+ years of experience and multiple trust indicators such as certifications and testimonials. Technically, the website is built on WordPress using Elementor and Gravity Forms, with SEO optimizations via Yoast and analytics through Google Analytics and Tag Manager. While the design and content quality are excellent, the site suffers from slow performance and basic accessibility features. Mobile optimization is good, and navigation is clear. From a security perspective, the site has implemented several security headers but critically lacks a valid SSL certificate, resulting in no HTTPS availability. This is a major vulnerability that impacts user trust and security. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism or detailed security/incident response policies. Overall, the site is professional and credible but requires urgent improvements in SSL/TLS configuration and privacy compliance to enhance security posture and user trust. Strategic recommendations include obtaining a valid SSL certificate, enabling HSTS, implementing cookie consent, and publishing comprehensive security policies.

E

eRecruiter GmbH

erecruiter.net

24

eRecruiter GmbH is an established Austrian technology company specializing in recruiting software solutions. With over 20 years of experience and a client base of more than 350 companies, eRecruiter offers a comprehensive suite of services including applicant tracking, talent sourcing, AI-assisted recruiting, and detailed reporting. The company positions itself as a user-friendly, efficient, and GDPR-compliant solution provider targeting SMEs and enterprise clients. Technically, the website is built on WordPress using modern frameworks and libraries, with integrations for Google Analytics and Tag Manager for marketing and analytics purposes. However, a critical security gap exists due to the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the security posture. Privacy compliance is well addressed with clear cookie consent mechanisms and comprehensive privacy policies. Overall, the business demonstrates strong credibility and professionalism but must urgently address its SSL/TLS configuration to improve security and trust.

K

KIWI Norge AS

kiwi.no

36

KIWI Norge AS operates a large grocery retail chain in Norway with nearly 700 stores, targeting Norwegian consumers seeking affordable and convenient grocery shopping. The website provides rich content including store locators, customer magazines, and loyalty program information (KIWI PLUSS). Technically, the site is built on ASP.NET MVC with AngularJS and integrates multiple third-party services such as Google Analytics and Piwik Pro for analytics and marketing. The site is hosted on Microsoft Azure and uses modern web technologies but lacks a valid SSL certificate, resulting in insecure HTTP connections. Security headers like Content-Security-Policy are present but could be hardened further. Privacy and cookie policies are comprehensive and GDPR compliant, linked to the trusted trumf.no domain. Contact information is clearly provided with phone numbers and physical address, and social media presence is active. Overall, the site is professional and trustworthy but has a critical security gap due to missing HTTPS.

The website maks.at is a small, personal graphic design business site documenting the history and rebranding of the entity now known as apparat.wien. It targets clients and interested parties in the graphic design and branding space, primarily in Austria. The site content is well-structured with a timeline format, providing a narrative of the business evolution from 1988 to 2020. Technically, the site uses Apache hosting with Google Analytics and Google Fonts integration but lacks modern CMS or frameworks. Performance data is unavailable, and mobile optimization is basic. Security posture is weak due to the absence of a valid SSL certificate and HTTPS support, exposing the site to risks and reducing trust. Privacy compliance is poor, with no visible privacy or cookie policies. Business credibility is moderate but limited by lack of contact information and trust signals. Overall, the site is functional but requires significant improvements in security and privacy to meet modern standards.

W

wb-bc Business Consulting und Beteiligungs GmbH

wb-bc.at

37

wb-bc Business Consulting und Beteiligungs GmbH is a small Austrian consulting firm specializing in digital and online business consulting services. Their offerings include business founding, digital transformation, performance improvement, financing, business model innovation, and succession planning. The company emphasizes practical, tailored solutions delivered through digital channels such as phone, Skype, MS Teams, and Zoom, with modular booking and payment options available online. The website is built on WordPress using Elementor and integrates various marketing and analytics tools including Google Analytics, Facebook Pixel, and LinkedIn Insight Tag. While the site is content-rich and professionally designed with good navigation and mobile optimization, it lacks a valid SSL certificate, serving content over HTTP only, which is a significant security concern. Privacy compliance is well addressed with comprehensive cookie consent and privacy policies. Contact information is clearly presented, and the company maintains an active social media presence. Overall, the business appears legitimate and trustworthy, but the lack of HTTPS significantly impacts the security posture.

L

List SpA

list-group.com

40

List SpA is a medium-sized Italian company specializing in advanced software solutions for banking and finance, including trading, compliance, risk management, and treasury management. As part of the ION Group, it holds a strong market position with a professional digital presence targeting financial institutions and trading venues. The website is well-structured, content-rich, and optimized for SEO and mobile devices, reflecting a mature digital infrastructure based on WordPress and Elementor. However, a critical security gap exists due to the absence of a valid SSL certificate, exposing users to potential risks and undermining trust. Privacy compliance is well addressed with comprehensive policies and cookie consent mechanisms. Overall, the company demonstrates strong business credibility but must urgently address its SSL/TLS configuration to improve security posture and user trust.

V

VERITAS Verlags- und Handelsges.m.b.H.&Co.OG

veritas.at

40

VERITAS Verlags- und Handelsges.m.b.H.&Co.OG is a leading Austrian educational publisher specializing in printed and digital school books and learning materials. The company offers a broad portfolio of over 400 product lines and 80,000 digital and printed resources targeting teachers, students, and parents primarily in Austria. Their market position is strong within the Austrian education sector, supported by comprehensive digital platforms and learning apps. The website reflects a mature digital presence built on Magento Commerce, integrating modern analytics and marketing tools such as Google Analytics and New Relic. However, the website's security posture is weakened by an invalid SSL certificate and incomplete enforcement of HTTPS, which poses a risk to user trust and data security. Content Security Policy is implemented in report-only mode, indicating partial adoption of security best practices. Overall, the site is professionally designed with excellent content quality and navigation, but security improvements are necessary to enhance trust and compliance.

D

Ditech

ditech.com.br

24

Ditech is a Brazilian technology company founded in 2001 specializing in custom software development, IT outsourcing, and consulting services. The company targets businesses seeking tailored technology solutions and has an established market presence supported by a portfolio of client cases and active social media engagement. The website is built on WordPress with several plugins including Yoast SEO and HubSpot integration, indicating a moderate level of digital maturity. However, the site lacks HTTPS, which is a critical security shortfall, and uses outdated libraries that may expose it to vulnerabilities. No privacy or cookie policies are published, reflecting gaps in compliance. Overall, while the business appears legitimate and professional, the security posture requires urgent improvement to protect user data and enhance trust.

Hueck Folien GmbH is a specialized manufacturing company based in Austria, focusing on high-quality film coating solutions with a strong emphasis on security features for banknotes and other high-security applications. The company has a solid market position as a trusted partner for the world's most secure currencies and offers innovative products such as security threads and self-adhesive labeling surfaces. Their website reflects a professional and consistent brand image, targeting industrial clients and partners in security and design sectors. Technically, the site is built on TYPO3 CMS with modern frontend technologies and integrates analytics and marketing tools like Google Analytics and Facebook Pixel. However, the absence of a valid SSL certificate and disabled TLS protocols significantly weaken the site's security posture, exposing users to risks and reducing trust. While security headers are well implemented, critical improvements in SSL/TLS configuration are necessary. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website is professional and content-rich but requires urgent security enhancements to align with best practices.

SGL Carbon is a global technology leader specializing in carbon-based materials and solutions, serving key industries such as sustainable mobility, energy, semiconductor technology, and chemical manufacturing. The company operates worldwide with a strong presence in Europe, North America, and Asia, employing approximately 4,700 people and generating significant revenue. The website reflects a mature and professional business with comprehensive content, clear branding, and a focus on sustainability and innovation. Technically, the site is built on TYPO3 CMS and integrates modern marketing and analytics tools, but suffers from a critical lack of HTTPS and valid SSL certificates, severely impacting security posture. Privacy compliance is well addressed with cookie consent mechanisms and detailed policies. Overall, the site is trustworthy and professional but requires urgent security improvements to protect users and data.