Security Directory

A

AF Compressors

afcompressors.com

40

AF Compressors is a well-established manufacturer specializing in oil-free piston compressors, serving industrial sectors including PET bottling. The company positions itself as a world leader with a strong focus on energy and cost savings. Their website reflects a medium-sized enterprise with a global service network and a consistent brand presence. Technically, the site is built on WordPress with modern libraries and tracking tools, but suffers from a critical lack of HTTPS and valid SSL certificates, which severely impacts security posture. Privacy policies and cookie consent mechanisms are implemented, though extensive tracking scripts may affect privacy compliance. Overall, the site is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

B

Belimed INC.

belimed.com

40

Belimed INC. is a large healthcare-focused company specializing in medical and surgical instrument sterilization, disinfection, and cleaning products and services. The company positions itself as a trusted partner in advancing medical care and protecting patient and staff safety, with a global presence and over 1,000 employees across nine countries. Their business model is primarily B2B, serving sterile processing departments and healthcare providers with a comprehensive portfolio including washer-disinfectors, sterilizers, digitalization solutions, and training services. Technically, the website is built on modern frameworks such as Nuxt.js and Vue.js, with Tailwind CSS for styling. It integrates multiple analytics and marketing tools including Google Analytics, Facebook Connect, LinkedIn Pixel, and Calendly. The site is well-optimized for mobile and accessibility, with clear navigation and professional design. However, the SSL certificate is invalid or missing, which significantly impacts the security posture. From a security perspective, the site implements several important HTTP security headers and a restrictive Content-Security-Policy, but the lack of a valid SSL certificate and incomplete HSTS implementation are critical weaknesses. No explicit security or incident response policies are found, and there is no vulnerability disclosure or security.txt file. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place. Overall, the website is professional and trustworthy from a business and content perspective but requires urgent remediation of SSL issues to improve security and user trust. Strategic improvements in security policy transparency and incident response readiness are also recommended.

P

Pointy Hills Media Ltd

fall-line.co.uk

35

Fall Line Skiing is a specialized UK-based media company operating a ski magazine and website focused on ski gear reviews, resort guides, and skiing stories. The company targets ski enthusiasts and offers subscriptions, single issue sales, advertising, and an e-commerce shop. The website is built on WordPress with WooCommerce and uses modern marketing and analytics tools, including Google Analytics, Tag Manager, and Microsoft Clarity. The content quality and branding are excellent, with clear navigation and professional design. However, the website lacks a valid SSL certificate and HTTPS support, which is a critical security vulnerability. Security headers are present but insufficient without HTTPS. Privacy and cookie policies are comprehensive and GDPR compliant, with consent mechanisms implemented. Contact information is clearly provided, including a UK physical address and phone number. Overall, the website is trustworthy but requires urgent security improvements to protect user data and enhance trust.

M

MedMedia Group

medmedia.ie

38

MedMedia Group is a specialist healthcare communications and marketing agency based in Ireland, focusing on delivering publishing expertise combined with design, digital innovation, and marketing services tailored to the healthcare sector. Their market position is that of a niche provider serving healthcare clients with a broad spectrum of services including publications, web and mobile development, brand identity, and event management. The website content is professional and well-structured, targeting healthcare organizations in Ireland. Technically, the website runs on an Apache server with a Foundation CSS framework and uses several JavaScript libraries including jQuery 1.11.0, Font Awesome, and Animate.css. Google Analytics is integrated for user tracking. However, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security and trust issue. Performance data is missing but inferred to be slow, and mobile optimization is basic. SEO and accessibility features are present but minimal. From a security perspective, the site has some security headers configured but fails to provide a valid SSL/TLS configuration, exposing users to risks. There are no visible privacy or cookie policies, and no incident response or vulnerability disclosure information is provided. The absence of GDPR compliance indicators and cookie consent mechanisms further weakens the privacy posture. Overall, the website demonstrates moderate business credibility and good content quality but suffers from critical security shortcomings due to lack of HTTPS and privacy compliance. Strategic improvements in SSL configuration, privacy policies, and updated technology stacks are recommended to enhance trust and security.

R

RIWOG Real Estate Management GmbH

riwog.at

36

RIWOG Real Estate Management GmbH operates as a medium-sized real estate group based in Austria, offering comprehensive property brokerage, management, and related services. The website targets property buyers, sellers, and investors primarily in Austria with some international presence in Greece and Spain. The business model focuses on real estate marketing, development, and client services including financing and valuation. The company maintains a professional online presence with clear branding and detailed legal disclosures, supporting its market position as a reputable real estate service provider. Technically, the website is built on SilverStripe CMS with modern JavaScript frameworks and integrates common marketing and analytics tools such as Google Analytics and Facebook Pixel. However, the site lacks a valid SSL certificate, serving content over HTTP only, which significantly impacts its security posture. Privacy and cookie policies are comprehensive and GDPR compliant, with consent mechanisms implemented. Security best practices are partially implemented but critical improvements are needed in SSL/TLS configuration and security headers. Overall, the website is functional and professional but requires urgent security enhancements to protect user data and improve trust.

A

ATMOsphere

atmo.org

56

ATMOsphere is a globally recognized event organizer specializing in conferences and networking events focused on natural refrigerants and clean cooling technologies. Established in 2009 and managed by the parent company shecco, ATMOsphere serves as a market accelerator by bringing together key industry stakeholders including policy makers, manufacturers, and end users. The website effectively communicates the business purpose, upcoming events, and team information, supported by multimedia testimonials and social media engagement. Technically, the website is built on WordPress with Elementor and uses modern plugins to enhance user experience and analytics. However, the absence of a valid SSL certificate and lack of a privacy policy represent significant security and compliance gaps. The cookie consent mechanism is implemented, but GDPR compliance cannot be fully confirmed due to missing privacy documentation. Overall, the business credibility is strong, but the security posture requires urgent improvement to protect user data and build trust.

H

Hilfswerk Österreich

hilfswerk.at

36

Hilfswerk Österreich is a large, well-established non-profit organization providing extensive health, social, and family services across Austria. The website reflects a professional and comprehensive digital presence, targeting a broad audience including elderly people, children, families, and caregivers. The organization maintains a strong market position as one of Austria's leading providers in its sector, supported by government funding and a wide range of services. Technically, the website is built on TYPO3 CMS with modern frontend libraries and includes accessibility and SEO best practices. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which significantly undermines the site's security posture. Privacy compliance is well addressed with clear cookie consent mechanisms and a comprehensive privacy policy. Overall, the site demonstrates high professionalism and trustworthiness but urgently requires SSL implementation to mitigate security risks.

ARTCUE® is a small creative business specializing in concept art and game development, with a current focus on a fantasy-themed game involving settlement building and dragon taming. The website presents basic content targeted at gamers interested in fantasy and city-building genres. Technically, the site uses Google Analytics and a cookie consent mechanism but lacks modern security implementations such as HTTPS, valid SSL certificates, and security headers. Performance is slow, and mobile optimization is basic. Security posture is weak due to missing SSL and security best practices, exposing users to potential risks. Privacy compliance is minimal with a basic privacy policy and cookie consent but no clear GDPR adherence. Business credibility is limited by the absence of contact information and formal certifications. Overall, the site requires significant improvements in security, performance, and transparency to enhance trust and user experience.

A

ADMIRAL Entertainment Holding Germany GmbH

admiral-games.de

40

ADMIRAL Entertainment Holding Germany GmbH operates as a prominent gaming and entertainment company in Germany, specializing in the operation of modern game halls and providing a wide range of gaming machines and services. As part of the reputable NOVOMATIC AG group, ADMIRAL leverages both tradition and innovation to deliver unique leisure experiences to its customers. The website reflects a professional and consistent brand image targeting German-speaking audiences, with clear navigation and relevant business content. Technically, the site is built on TYPO3 CMS and uses modern frameworks like Bootstrap, but suffers from critical security shortcomings due to the lack of a valid SSL certificate and HTTPS support. Security headers are implemented, and cookie consent mechanisms are in place, indicating a basic level of privacy compliance. However, the absence of HTTPS significantly undermines the site's security posture. Overall, the business appears legitimate and well-established, with clear contact information and social media presence, but the technical security gaps present a risk that should be addressed promptly.

M

MH|Direkt

mhdirekt.com

25

MH|Direkt is a mature and established e-commerce fulfillment service provider based in Austria with over 28 years of experience. The company operates multiple fulfillment centers across Austria, Germany, and the UK, offering comprehensive services including warehousing, packaging, cross-border shipping, personalization, and API integration. Their business model focuses on supporting online shops to efficiently manage logistics and shipping across Europe, including direct market entry into Switzerland. The website reflects a professional and well-branded digital presence with extensive content and customer testimonials, positioning MH|Direkt as a reliable partner in the e-commerce logistics sector. Technically, the website is built on WordPress using popular plugins and frameworks such as Elementor, Gravity Forms, and WP Rocket. It integrates multiple marketing and analytics tools including Google Analytics, Google Ads, Facebook Pixel, and LinkedIn Insight Tag, indicating a mature digital marketing strategy. The site is mobile-optimized and SEO-friendly, though performance is moderate and accessibility features are basic. From a security perspective, the website lacks a valid SSL certificate, which is a critical issue impacting user trust and data security. Other security best practices such as HSTS, DNSSEC, and domain protection locks are not implemented, reducing the overall security posture. No explicit security or incident response policies are published on the site. Privacy and cookie policies are present and appear GDPR compliant, with consent mechanisms in place. Overall, MH|Direkt presents a credible and professional business with strong market positioning in e-commerce fulfillment. However, the lack of HTTPS and some security best practices pose risks that should be addressed promptly to enhance trust and compliance. Strategic recommendations include immediate SSL certificate installation, enabling HSTS and DNSSEC, and publishing security policies to improve transparency and security culture.

F

Federico Solutions

federico.pro

28

Federico Solutions operates a professional website focused on design, prototyping, and manufacturing services, targeting businesses seeking custom solutions. The company presents a mature market presence with a domain registered since 2009 and consistent branding. Technically, the site is built on WordPress using the Divi theme and integrates SEO and analytics tools, but lacks HTTPS, which is a significant security gap. The security posture is weak due to the absence of SSL/TLS encryption and modern security headers, exposing users to potential risks. Privacy compliance is addressed with cookie consent mechanisms and a privacy policy, though direct contact details are limited to a contact form. Overall, the website is functional and professional but requires urgent security improvements to protect user data and enhance trust.

E

EDITORIAL. LOGÍSTICA .LA

logistica.la

36

EDITORIAL. LOGÍSTICA .LA is a specialized editorial platform focused on logistics and supply chain management in Latin America, providing professional content, industry insights, and resources primarily in Spanish. The website is hosted on WordPress.com, leveraging WordPress CMS and related technologies such as Jetpack and Gutenberg. The site targets professionals, academics, and students interested in logistics and SCM, with a small but engaged subscriber base. Technically, the site uses modern web technologies but suffers from a critical lack of valid SSL/TLS configuration, exposing users to potential security risks. Privacy compliance is basic, with cookie consent implemented but no explicit privacy policy or terms of service found. The domain is mature and well-protected, registered with GoDaddy, supporting the site's legitimacy. Overall, the site offers valuable content but requires urgent security improvements to protect visitors and enhance trust.

S

Salinen Austria Aktiengesellschaft

salinen.com

40

Salinen Austria Aktiengesellschaft is a leading Austrian salt manufacturer specializing in high purity salt products including pharmaceutical salt, cooking salt, industrial salt, and agricultural fertilizers. The company serves both private consumers and business clients, offering a broad product portfolio and an online webshop. Their market position is strong within Austria and the surrounding region, supported by multiple country-specific sister sites. Technically, the website is built on TYPO3 CMS with modern frontend features such as lazy loading images and Google Analytics integration. However, the absence of a valid SSL certificate and HTTPS severely impacts the security posture. Security headers are partially implemented but without encryption, the site is vulnerable to interception. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Contact information is clearly presented, enhancing business credibility. Overall, the site is professional and content-rich but requires urgent security improvements to protect user data and maintain trust.

F

Fercam S.p.A.

fercam.com

40

FERCAM S.p.A. is a well-established logistics and transport company with over 75 years of experience, offering a broad range of services including road, air, and ocean freight, integrated logistics, customs consulting, and specialized transport services. The company operates primarily in Europe with presence in Asia and Africa, targeting businesses requiring comprehensive supply chain solutions. The website demonstrates a good level of digital maturity with multi-language support, structured navigation, and integration of modern analytics and marketing tools. However, the absence of HTTPS and a valid SSL certificate significantly weakens the security posture, exposing users to potential risks. Privacy and cookie policies are present and supported by consent mechanisms, indicating compliance with GDPR standards. Overall, the site is professional and trustworthy but requires urgent security improvements.

A

AXIS Flight Training Systems GmbH

axis-simulation.com

38

AXIS Flight Training Systems GmbH is a medium-sized Austrian company specializing in the design and manufacture of advanced flight simulation solutions, including full flight simulators and training devices that comply with international aviation standards such as EASA, FAA, and ICAO. Founded in 2004, AXIS positions itself as an innovator in the flight simulation industry, emphasizing quality, efficiency, and responsiveness to customer needs. The company maintains ISO 9001-2015 certification and has committed to CO2 neutrality since 2021, reflecting corporate responsibility values. Technically, the website is built on WordPress with Elementor and integrates various plugins for event management, galleries, and cookie consent. The site uses Google Analytics and Google Ads for analytics and marketing, with a compliant cookie consent mechanism in place. However, the website lacks a valid SSL certificate and HTTPS support, which is a critical security vulnerability. The DNS configuration shows some malformed CAA records, and no modern TLS protocols are enabled, exposing the site to potential security risks. Security posture is weak due to the absence of HTTPS and related security headers, although no active vulnerabilities or malware were detected. Privacy compliance is strong, with clear privacy and cookie policies and user consent mechanisms. Business credibility is high, supported by detailed company information, social media presence, and trust indicators such as certifications and CO2 neutrality. Overall, the website is professional and content-rich but requires urgent security improvements, particularly SSL/TLS implementation, to protect user data and enhance trustworthiness.

T

Tulsa Public Schools

tulsaschools.org

40

Tulsa Public Schools operates a comprehensive public education system serving a large student population in Tulsa, Oklahoma. The website provides extensive resources for students, families, educators, and community members, including enrollment information, academic programs, family support, and career opportunities. The district positions itself as a community-focused organization committed to equity, excellence, and student success. Technically, the site leverages modern analytics and marketing tools, a reputable CMS (Finalsite), and Cloudflare for hosting and security. However, a critical security gap exists due to the absence of a valid SSL certificate, which undermines the secure delivery of content and user trust. Privacy and cookie policies are not explicitly found, indicating potential compliance gaps. Overall, the site is professional and trustworthy but requires urgent security improvements to meet modern standards.

P

PXP Financial

pxpfinancial.com

40

PXP Financial is a UK-based payment technology company offering a unified commerce platform that simplifies global payments and commerce operations. The company targets a broad range of industries including retail, hospitality, gaming, and travel, providing services such as point of sale, eCommerce, acquiring, and cross-border payments. Their platform emphasizes intelligent payment routing, real-time business intelligence, and self-service capabilities, positioning them as a modern and innovative player in the payment solutions market. Technically, the website is built on HubSpot CMS with integrations of popular marketing and analytics tools such as Google Analytics, Hotjar, and Cookiebot for privacy compliance. However, the security posture is weakened by the absence of a valid SSL certificate and lack of modern TLS protocol support, which is a critical issue for a financial services provider. The domain registration is consistent and mature, registered with a reputable UK registrar, and the business is FCA authorized, enhancing credibility. Overall, the website is professional and content-rich but requires urgent improvements in SSL/TLS security to meet industry standards and protect user data.

D

Dorotheum GmbH & Co KG

dorotheum.com

40

Dorotheum GmbH & Co KG operates the largest auction house in Central Europe, specializing in art, antiques, jewelry, and collectibles with over 300 years of experience. The company holds numerous auctions annually, both online and in physical salerooms, and offers additional services such as private sales and expert consultations. The website is professionally designed, content-rich, and targets collectors, buyers, and sellers in the art and luxury goods market primarily in Austria and surrounding regions. Technically, the site is built on TYPO3 CMS with modern frontend libraries and integrates analytics and marketing tools like Google Tag Manager and Facebook Pixel. However, the absence of a valid SSL certificate and lack of security headers represent significant security weaknesses. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. Overall, the site demonstrates strong business credibility but requires urgent improvements in security posture to protect user data and enhance trust.

E

Ecker & Partner

eup.at

24

Ecker & Partner is a well-established PR and Public Affairs agency based in Vienna, Austria, offering a broad range of communication services including crisis communication, litigation PR, digital content, and storytelling. The company positions itself as a leading agency in its sector with a strong network and long-standing client relationships. Technically, the website is built on WordPress with common marketing and analytics integrations but suffers from a critical lack of a valid SSL certificate, resulting in insecure HTTP connections. The site is content-rich and professionally designed but experiences slow load times and lacks some security best practices. Privacy compliance is partial, with a cookie consent banner present but no visible privacy policy page. Overall, the business credibility is high, but the security posture requires urgent improvement to protect user data and trust.

Bühler Group is a well-established enterprise specializing in manufacturing and technology solutions primarily for the food processing and advanced materials industries. The company offers a broad portfolio of industrial solutions, including extrusion, milling, and process technologies, supported by global services such as maintenance, expert consulting, and training centers. Their website reflects a mature digital presence with consistent branding and comprehensive corporate governance information. Technically, the site is built on Adobe Experience Manager and hosted on AWS infrastructure with CloudFront CDN, leveraging modern marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and LinkedIn Insight Tag. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, severely impacting the site's security posture. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR consent mechanisms on forms. Overall, Bühler Group's website demonstrates strong business credibility and content quality but requires urgent improvements in SSL/TLS security to protect user data and enhance trust.

H

HAKOM Time Series GmbH

hakom.at

26

HAKOM Time Series GmbH is a medium-sized Austrian company specializing in time series management software and cloud services for the energy sector. The company positions itself as a technology leader with over 30 years of experience, offering both on-premises and cloud-based solutions under the PowerTSM® brand. Their website reflects a professional and comprehensive digital presence, targeting energy industry professionals and IT developers with detailed product information, news, webinars, and customer success stories. The company maintains active engagement through social media and newsletter subscriptions. Technically, the website is built on TYPO3 CMS and uses modern web technologies including jQuery and Swiper.js for interactive content. The hosting provider is identified as Web-Crossing. While the site is mobile-optimized and SEO-friendly with proper metadata and structured data, performance metrics are not explicitly available. Privacy compliance is well addressed with a cookie consent mechanism and a comprehensive privacy policy in German. From a security perspective, the site lacks a valid SSL/TLS certificate and does not support modern TLS protocols, which is a critical vulnerability impacting user trust and data security. Security headers such as HSTS and CSP are present but cannot compensate for the missing HTTPS encryption. No explicit security policy or incident response information is found, which could be improved to enhance transparency and trust. Overall, the website is professional and content-rich but requires urgent improvements in SSL/TLS configuration to meet modern security standards and protect user data effectively. Strategic recommendations include obtaining a valid SSL certificate, enabling TLS 1.2/1.3, and enhancing security policies and incident response disclosures.

N

NGS Global

ngs-global.com

25

NGS Global is a partner-led executive search and leadership advisory firm with a global presence spanning the Americas, Europe, Asia Pacific, Africa, and the Middle East. The company offers personalized executive search services leveraging a mid-sized platform that combines the resources of major global firms with high-touch client service. Their key services include executive search, leadership consulting, and industry-specific expertise across multiple sectors. Technically, the website is built on Joomla CMS with modern JavaScript libraries and frameworks such as jQuery and Bootstrap, but suffers from a lack of HTTPS support due to an invalid or missing SSL certificate, which significantly impacts security posture. The site implements cookie consent via Cookiebot and uses Google Analytics and ZoomInfo for tracking, indicating moderate digital maturity. Security headers are partially implemented, but critical vulnerabilities exist due to the absence of SSL/TLS encryption. Overall, the website presents professional content and a clear business model but requires urgent security improvements to protect user data and enhance trust.

M

Melitta

melitta.com

40

Melitta is a well-established company specializing in coffee products and related services, operating a professional website that serves both consumers and B2B partners. The site provides comprehensive information about the company, its sustainability initiatives, and customer service options, supported by a consistent brand presence and active social media engagement. The technical infrastructure leverages modern JavaScript libraries, Google Analytics, and Cloudflare CDN services, with good mobile optimization and accessibility features implemented via a third-party widget. However, the website's security posture is weakened by an invalid SSL certificate and lack of enabled TLS protocols, which poses risks to data confidentiality and user trust. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place. Overall, the website is functional and professional but requires urgent remediation of SSL and TLS issues to improve security and trustworthiness.

F

Foggia Città Aperta

foggiacittaaperta.it

33

Foggia Città Aperta is a local news media website providing news, videos, blogs, and event information focused on the Foggia province in Italy. Established in 2012, it serves a regional audience with content spanning politics, sports, culture, and society. The website demonstrates a consistent brand presence and active social media engagement. Technically, the site uses a variety of JavaScript libraries and frameworks such as jQuery and Bootstrap, hosted on Aruba infrastructure. However, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a significant security concern. Cookie consent is implemented, but privacy policies are basic and lack comprehensive GDPR compliance indicators. No explicit security or incident response policies are found. Overall, the site is functional and content-rich but requires urgent security improvements to protect user data and enhance trust.

M

Mississippi University for Women

muw.edu

33

Mississippi University for Women (The W) is a public co-educational university founded in 1884, offering a broad range of undergraduate and graduate programs with a strong emphasis on academic excellence and leadership development. The university holds a solid market position in the southern United States, recognized for low student debt and transfer student friendliness. The website reflects a professional and comprehensive digital presence, targeting prospective and current students, faculty, staff, and alumni. The content is rich, well-structured, and supported by active social media channels and event management tools.

U

USP Indicator Solutions GmbH

usp.at

28

USP Indicator Solutions GmbH is a specialized service provider that helps R&D and marketing teams in the consumer goods industry translate complex scientific claims into compelling demo assets. The company has a strong market presence with over 400 brands served, including major global names such as L'Oréal, Johnson & Johnson, and Bayer. Their key services include demo creation, real demo videos, product and claim demos, and digital experiences embedding AI and custom algorithms. The website reflects a mature digital infrastructure built on WordPress with Elementor and WooCommerce, supported by LiteSpeed hosting and modern web technologies. Privacy and cookie policies are well implemented with GDPR compliance and consent mechanisms. However, the security posture is weakened by the absence of a valid SSL certificate and incomplete HTTPS configuration, which poses a critical risk to user trust and data security. Strategic improvements in SSL deployment and security headers are recommended to enhance the overall security and compliance stance.

F

Franziskus Spital GmbH

franziskusspital.at

30

Franziskus Spital GmbH operates as a non-profit healthcare provider with two hospital locations in Vienna, Austria, offering a broad range of medical services including internal medicine, surgery, anesthesiology, and specialized centers such as hernia surgery and breast health. The website targets patients, visitors, referring physicians, and career seekers, positioning itself as a regional healthcare institution with a focus on individualized medicine and comprehensive patient care. Technically, the website employs a mix of legacy and modern JavaScript libraries and includes Google Analytics and a cookie consent mechanism, indicating a moderate level of digital maturity. However, the absence of a valid SSL certificate and HTTPS support is a critical security shortfall that undermines user trust and data protection. Security headers are partially implemented but lack advanced protections such as HSTS and DNSSEC. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent. Overall, the site is professionally designed and content-rich but requires urgent security improvements to meet modern standards.

M

Minimax GmbH

minimax.de

37

Minimax GmbH is a well-established leader in the fire protection industry with over 120 years of experience. The company offers a broad range of fire detection, suppression, and prevention systems tailored for various industries including energy, manufacturing, and transportation. Their market position is strong, supported by a comprehensive portfolio of products and services, including maintenance and training. The website reflects a professional and consistent brand image targeting industrial and commercial clients seeking reliable fire safety solutions. Technically, the site uses modern JavaScript modules, a CDN for content delivery, and integrates popular analytics and marketing tools such as Google Analytics and Facebook Pixel. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, leaving the site vulnerable to interception and undermining user trust. Security headers are properly configured, but the lack of HTTPS significantly lowers the security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is functional and professional but requires urgent security improvements to align with best practices and protect users.

E

Exmanco

exmanco.com

24

Exmanco is a regional Austrian automotive service provider and retailer specializing in tires, rims, auto parts, and vehicle maintenance services. Operating multiple branches in Austria, the company targets vehicle owners seeking professional and affordable automotive repair and parts. The website is built on WordPress with WooCommerce and uses the Enfold theme, indicating a moderate level of digital maturity. However, the absence of a valid SSL certificate and HTTPS support represents a significant security risk. The site includes cookie consent mechanisms and structured data for SEO but lacks comprehensive privacy and security policies. Contact information and physical addresses are clearly provided, supporting business credibility.

V

Verjus-Shop

verjus-shop.com

24

Verjus-Shop is a specialized e-commerce business based in Austria, founded in 2012, offering natural, additive-free, gluten-free, low histamine, and alcohol-free products including Verjus and non-alcoholic beverages. The website is professionally designed with clear navigation and rich content targeting health-conscious consumers and B2B clients such as retailers and restaurateurs. Technically, the site runs on WordPress with WooCommerce and uses modern marketing and analytics tools, but suffers from a lack of HTTPS due to an invalid or missing SSL certificate, which significantly impacts its security posture. Privacy and cookie policies are comprehensive and GDPR compliant, enhancing user trust. Overall, the business appears legitimate and well-positioned in its niche, but the lack of HTTPS is a critical security concern that should be addressed immediately.

S

SUNPOR Kunststoff GmbH

sunpor.at

25

SUNPOR Kunststoff GmbH is a medium-sized Austrian manufacturing company specializing in EPS granulate products used for insulation, packaging, and other applications. The company positions itself as a technological leader in EPS manufacturing with a strong focus on sustainability and circular economy initiatives. The website provides comprehensive product and company information primarily in German, targeting construction and packaging industry professionals. Technically, the website runs on nginx with PHP 7.2 and uses embedded YouTube videos and Google Analytics for tracking. However, the site lacks a valid SSL certificate and does not enforce HTTPS, which is a significant security shortfall. Security headers are missing, and the PHP version is outdated, increasing risk exposure. Privacy compliance is addressed with a cookie consent banner and a detailed privacy policy, but no explicit security or incident response policies are found. Overall, the website is functional and professional but requires urgent improvements in security posture to protect user data and enhance trust.

A

ARCOTEL Hotels

arcotelhotels.com

35

ARCOTEL Hotels is a medium-sized hospitality group operating multiple hotels across Austria and Germany, focusing on urban locations and sustainable hospitality practices. The website presents a professional and consistent brand image with comprehensive content about their services, sustainability certifications, and direct booking advantages. Technically, the site uses a mix of legacy and modern technologies, including PHP 5.6.40, Bootstrap 4, and various JavaScript libraries, hosted on Amazon CloudFront CDN. However, the absence of a valid SSL certificate and use of outdated PHP versions represent significant security risks. Privacy and cookie policies are well implemented with consent mechanisms, and analytics usage is moderate with Google services. Overall, the site is functional and trustworthy but requires urgent security improvements to protect user data and enhance trust.

L

Lee Enterprises

oanow.com

40

Opelika Auburn News (oanow.com) is a regional news media website operated by Lee Enterprises, providing comprehensive local news, sports, weather, opinion, and lifestyle content for Opelika, Auburn, Lee County, and East Alabama. The site targets local residents and community members, offering both free content and subscription-based digital and print editions. The business model relies heavily on advertising revenue supplemented by subscription services. The website is professionally designed with consistent branding and good content quality, supported by a modern CMS platform (BLOX) and a robust advertising ecosystem integrating multiple ad networks and tracking technologies. Privacy compliance is addressed through the use of Osano consent management, indicating GDPR adherence.

A

American International School Vienna

ais.at

40

The American International School Vienna (AIS Vienna) is a well-established international educational institution located in Vienna, Austria. The website presents a comprehensive overview of the school's offerings, including early childhood through high school education, student life, admissions, and community engagement. The school holds multiple international accreditations, reinforcing its credibility and commitment to quality education. The website is professionally designed using the Squarespace platform, featuring clear navigation, active social media integration, and basic privacy compliance mechanisms such as a cookie consent banner. Technically, the site leverages modern web technologies including jQuery, Google Fonts, and Google Analytics for tracking. However, a critical security shortfall is the absence of a valid SSL certificate, resulting in no HTTPS encryption and disabled modern TLS protocols. This significantly impacts the site's security posture and user trust. Security headers are partially implemented but could be enhanced. Privacy compliance is basic, with a privacy policy present but lacking explicit GDPR compliance indicators. Overall, the site is functional and informative but requires urgent security improvements to protect user data and enhance trust. Strategic recommendations include installing a valid SSL certificate, enabling HSTS, and improving security policies and incident response readiness.

T

Tractive

tractive.com

40

Tractive is a leading global provider of GPS and health monitoring trackers for pets, specializing in real-time location tracking and wellness insights for dogs and cats. The company operates a robust e-commerce platform offering subscription-based services that enable worldwide cellular connectivity for their devices. Their market position is strong, supported by extensive customer testimonials, high Trustpilot ratings, and a broad international presence with multi-language support. Technically, the website leverages modern web technologies including nginx, Amazon AWS infrastructure, CloudFront CDN, and advanced JavaScript frameworks. They utilize performance monitoring and A/B testing tools such as New Relic and Visual Website Optimizer, indicating a mature digital infrastructure. The site is well-optimized for mobile devices and accessibility, with good SEO practices. From a security perspective, while the site implements several important security headers and policies, it suffers from a critical issue: the SSL certificate is invalid or missing, and no TLS protocols are enabled. This severely impacts the security posture and user trust. Other security best practices like HSTS and CSP are in place, but the lack of proper HTTPS is a major vulnerability. Overall, the risk assessment highlights the need for immediate remediation of SSL/TLS issues to protect user data and maintain trust. Strategic recommendations include fixing the SSL certificate, enabling modern TLS versions, and improving session security. The business credibility is high, but security gaps could undermine customer confidence if not addressed promptly.

P

Pioneers Innovation GmbH

pioneers.io

22

Pioneers Innovation GmbH is an established innovation consulting and corporate venture building firm founded in 2013, serving a broad range of corporate clients across sectors such as energy, transportation, banking, and technology. The company offers comprehensive services including innovation strategy, setup, execution, venture building, and startup services, positioning itself as a trusted partner for innovation-powered transformation and growth. The website reflects a mature digital presence with professional design, clear navigation, and rich content including client testimonials and references to large organizations. Technically, the site is built on WordPress with modern marketing and analytics tools integrated, but suffers from critical security shortcomings including the absence of a valid SSL certificate and HTTPS support, which significantly impacts its security posture. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the business credibility is high, but the lack of HTTPS is a major risk that should be urgently addressed.

W

WestLicht

westlicht.com

40

WestLicht is a well-established cultural venue in Vienna specializing in photography exhibitions, a camera museum, and related services such as a bookshop and café. The website targets photography enthusiasts and cultural visitors, offering detailed information about exhibitions, events, memberships, and retail options. The domain age of 24 years and consistent WHOIS data support the legitimacy and maturity of the business. Technically, the site uses a modern JavaScript stack with jQuery, Swiper.js, and Google services integrated, managed via the siteswift CMS and hosted by Hetzner Online GmbH. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap, exposing users to potential risks. The site implements a cookie consent mechanism compliant with GDPR, but lacks explicit security policies or incident response information. Overall, the website is professionally designed with good content quality and user experience but requires urgent security improvements to protect visitors and enhance trust.

V

VAM USA

vam-usa.com

40

VAM USA is a medium-sized company specializing in premium connection solutions for the oil and gas industry, with a strong market position as a world leader and a parent company relationship to Vallourec Oil and Gas France. The website provides comprehensive business information, product details, and service offerings targeted at energy sector professionals and distributors in North America. Technically, the site is built on WordPress with common marketing and analytics tools but suffers from slow performance and lacks modern security implementations such as HTTPS and security headers. The security posture is weak due to the absence of a valid SSL certificate and no HTTPS support, which is a critical issue. Privacy compliance is poor, with no visible privacy or cookie policies. Overall, the site is professional and credible but requires urgent security improvements to protect users and enhance trust.

Croma-Pharma is a medium-sized Austrian company specializing in minimally invasive aesthetic medical products, including hyaluronic acid fillers, botulinum toxin, skin boosters, and skincare lines with plant-exosomes. The company targets healthcare professionals and aesthetic practitioners, offering both products and business services such as consulting and education. The website is professionally designed with good content quality and clear navigation, supporting multiple languages and regions. Technically, the site uses Silverstripe CMS and integrates Google Analytics and reCAPTCHA for user tracking and security. However, a critical security weakness is the lack of a valid SSL certificate and HTTPS support, exposing users to potential risks. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the site demonstrates a solid business presence but requires urgent security improvements to protect user data and enhance trust.

CNH Industrial N.V. is a leading global manufacturer and technology provider in the agriculture and construction sectors, operating through well-known brands such as Case IH, New Holland, and CASE. The company is publicly listed on the New York Stock Exchange, reflecting its strong market position and investor focus. The website provides comprehensive investor relations content, sustainability reporting, and career opportunities, targeting investors, industry professionals, and customers in agriculture and construction. Technically, the site is built on modern frameworks including React and Sitecore CMS, leveraging Akamai CDN for hosting and performance. However, a critical security gap exists due to the absence of a valid SSL certificate, exposing users to risks and undermining trust. Security headers and policies are well implemented, but the lack of HTTPS significantly impacts the overall security posture. Privacy and cookie policies are present with consent mechanisms, indicating good compliance with GDPR. Overall, the site is professional and content-rich but requires urgent remediation of SSL issues to ensure secure user interactions.

I

impact_

thinkimpact.com

37

ThinkImpact.com is a small, niche content website focused on providing research, trends, and statistical data in the education and business sectors for the United States market in 2025. The site offers free access to well-researched papers and reviews, targeting researchers, educators, and business professionals. The business model appears to be content publishing monetized primarily through advertising networks such as Mediavine and Google Ad Manager. Technically, the website is built on WordPress and uses common web technologies and marketing tools, but suffers from slow performance and lacks a valid SSL certificate, which is a critical security flaw. The security posture is weak with no HTTPS, no security headers, and no advanced protections, exposing users to potential risks. Privacy compliance is basic but present, with cookie consent and a privacy policy aligned with GDPR requirements. Overall, the site is legitimate and mature based on WHOIS data but requires urgent security improvements to protect users and enhance trust.

Grayling is a large, international PR and public affairs agency operating in over 30 countries with a strong global network of offices and affiliates. The company specializes in brand communications, corporate affairs, and public affairs, serving a diverse range of clients including major global brands. Their website reflects a professional and consistent brand image, with comprehensive content showcasing their services, case studies, and client portfolio. Technically, the site is built on WordPress with modern frontend frameworks and integrates multiple marketing and analytics tools such as Google Analytics, HubSpot, and OneTrust for cookie consent management. However, the security posture is notably weak due to the absence of a valid SSL certificate and lack of HTTPS support, which poses significant risks to user data and trust. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site demonstrates good business credibility and digital maturity but requires urgent security improvements to protect visitors and maintain trust.

The website 'mmmmm.org.uk' represents a small personal or artistic portfolio associated with Adrian Fisher and Luna Montenegro under the name 'montenegrofisher'. It primarily showcases artistic works, films, and CV information, targeting art enthusiasts and collaborators. The business model is portfolio-based with a niche market presence in the UK. Technically, the site is basic, built with static HTML, CSS, and JavaScript, hosted by Pickaweb, and uses Google Analytics for visitor tracking. However, the site suffers from slow load times and lacks mobile optimization and accessibility features. Security posture is weak due to the absence of HTTPS, no security headers, and no advanced security configurations. Privacy compliance is poor with no privacy or cookie policies present. WHOIS data indicates a legitimate UK registration consistent with the website's nature. Overall, the site is functional but requires significant improvements in security, privacy, and technical performance to enhance trust and professionalism.

G

Greater Europe Mission

gemission.org

40

Greater Europe Mission is a well-established Christian missions non-profit organization focused on disciple-making and evangelism throughout Europe. The organization has a mature online presence with a professionally designed WordPress website that clearly communicates its mission, values, and ministry areas. The website targets Christian communities, churches, missionaries, and donors interested in European missions. It offers resources, contact options, and donation capabilities to support its mission. Technically, the site uses modern web technologies including WordPress, Beaver Builder, and integrates Google Analytics and Tag Manager for tracking. However, the site lacks a valid SSL certificate and HTTPS support, which is a significant security concern. Privacy and cookie policies are present and GDPR compliant, reflecting good privacy practices. Overall, the site is credible and trustworthy but requires urgent security improvements to protect user data and enhance trust.

E

Egon Zehnder International Ltd.

egonzehnder.com

40

Egon Zehnder International Ltd. operates a global organizational consulting and leadership advisory website offering a wide range of executive search and leadership development services. The company is positioned as a global leader with extensive geographic reach and a comprehensive service portfolio targeting large enterprises and organizations seeking leadership solutions. Technically, the website uses modern web technologies including Vue.js and integrates multiple analytics and marketing tools, but suffers from a critical security flaw due to the absence of a valid SSL certificate and HTTPS support. Security headers and content security policies are well implemented, but the lack of HTTPS severely impacts the security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website is professionally designed and trustworthy, but the critical SSL issue poses a significant risk that should be remediated immediately.

Desmet is a well-established global engineering company specializing in custom plants and equipment for the food, feed, and biofuel industries. With a large workforce and multiple brands, it holds a strong market position supported by extensive experience and a professional digital presence. The website is content-rich, well-structured, and uses modern technologies, but critically lacks HTTPS/SSL, which severely impacts its security posture. While security headers are implemented, the absence of valid SSL/TLS and related configurations exposes the site to risks. Privacy compliance is partially addressed with visible privacy and cookie policies, but no explicit consent mechanism is detected. Business credibility is high due to clear branding, contact information, and WHOIS consistency. Strategic improvements in security infrastructure and incident response readiness are recommended.

S

SigmaNEST

sigmanest.com

40

SigmaNEST is a well-established software provider specializing in CAD/CAM nesting and manufacturing automation solutions. The company offers a comprehensive suite of products designed to optimize fabrication processes across various machine types including laser, plasma, punch, router, waterjet, tube, and pressbrake. With over 40,000 installations worldwide and a strong market presence, SigmaNEST targets fabricators and manufacturers seeking to improve efficiency, reduce costs, and automate workflows. The website reflects a professional and consistent brand image, supported by multilingual content and customer testimonials, reinforcing its credibility in the manufacturing software sector. Technically, the website employs modern web technologies such as jQuery, Bootstrap, and Google Tag Manager, ensuring a responsive and user-friendly experience. However, the absence of a valid SSL certificate and lack of TLS protocol support represent significant security shortcomings that undermine user trust and data protection. Despite strong content security policies and secure cookie settings, the lack of HTTPS is a critical vulnerability that must be addressed promptly. From a security perspective, the site demonstrates good use of security headers and GDPR-compliant privacy and cookie policies, including explicit consent mechanisms in its contact forms. No incident response or vulnerability disclosure information is present, which could be improved to enhance transparency and trust. The domain registration data aligns well with the website content and business claims, indicating legitimacy and consistency. Overall, while the business and content quality are excellent, the critical absence of HTTPS significantly lowers the security posture and overall AI score. Strategic improvements in SSL/TLS deployment and enhanced security practices are recommended to elevate the website's trustworthiness and compliance standing.

H

HTL Braunau

htl-braunau.at

28

HTL Braunau is a well-established higher technical vocational school located in Braunau am Inn, Austria, offering specialized education in electronics, electrical engineering, mechatronics, and information technology. The institution serves approximately 1000 students and emphasizes project-based learning with national and international recognition. The website reflects a professional educational institution with clear communication channels and a focus on student engagement through events and partnerships. Technically, the site is built on TYPO3 CMS with modern frontend frameworks and integrates Google Analytics and Tag Manager for visitor insights. However, the absence of a valid SSL certificate and HTTPS severely undermines the security posture, exposing users to risks and reducing trust. Privacy and cookie policies are present and GDPR compliant, indicating awareness of data protection requirements. Overall, the site is functional and informative but requires urgent security improvements to protect user data and enhance trust.

V

VF Corporation

vfc.com

40

VF Corporation is a large multinational retail company specializing in outdoor, lifestyle, and workwear apparel and footwear. The website presents a comprehensive portfolio of well-known brands such as Vans, The North Face, Timberland, and others, targeting consumers, investors, and job seekers. The business model focuses on brand management and retail operations with a strong emphasis on corporate responsibility and investor relations. Technically, the website uses Apache server technology, integrates Google Analytics, and leverages CDN services like Amazon Cloudfront for content delivery. The site is well-designed, mobile-optimized, and provides rich content with clear navigation and professional branding. However, the security posture is weak due to the absence of a valid SSL certificate and lack of HTTPS support, which is a critical vulnerability. Privacy compliance is good with a comprehensive privacy policy and terms of use, but no cookie consent mechanism was detected. Overall, the site is trustworthy and professional but requires urgent improvements in SSL/TLS security to protect user data and maintain trust.

C

CADS GmbH

cads-solution.com

40

CADS GmbH is a specialized software development company focused on innovative medical technology solutions, operating primarily in Austria with a strong partnership with the established KLS Martin Group. Their offerings include advanced software platforms such as IPS Gate® for medical case management, LOG Gate for inventory management, and 3D visualization services, targeting healthcare professionals and institutions worldwide. The website reflects a professional and well-branded digital presence with comprehensive content and multimedia resources. Technically, the site is built on TYPO3 CMS and integrates modern marketing and analytics tools, but suffers from a critical security weakness due to an invalid SSL certificate, undermining HTTPS security. Privacy compliance is well addressed with clear cookie management and GDPR-aligned privacy policies. Overall, the business credibility is high, supported by certifications and partnerships, though the lack of a terms of service page and explicit security policies is noted.