Security Directory

Chalmers tekniska högskola is a prestigious Swedish technical university founded in 1829, specializing in education and research in technology, natural sciences, transportation, and energy sectors. The institution offers a wide range of undergraduate and graduate programs, conducts cutting-edge research, and actively collaborates with industry and society. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistency, targeting students, researchers, and partners. Technically, the site leverages modern frameworks such as Next.js and React, with a CMS likely based on Umbraco. However, performance data is limited, and some improvements could be made in hosting and optimization. Security posture is weakened by the lack of a valid SSL certificate and absence of DNSSEC and CAA records, which are critical for protecting user data and ensuring trust. Privacy compliance is well addressed with detailed policies and cookie consent mechanisms. Overall, the site is professional and trustworthy but requires urgent security enhancements to meet best practices.

N

NovaTaste

frutaromsavory.com

40

NovaTaste is a globally recognized leader in taste innovation, specializing in providing customized and sustainable food ingredient solutions to food manufacturers, butchers, and foodservice players. With a strong global presence spanning 19 sites and over 2,200 employees, the company offers a broad portfolio including herbs, spices, seasonings, marinades, and functional ingredients. Their business model focuses on tailored solutions and turnkey R&D projects, positioning them as a key player in the manufacturing sector of the food industry. Technically, the website leverages modern frameworks such as Next.js and React, hosted on Amazon CloudFront, delivering a professional and responsive user experience with good SEO and accessibility standards. However, the security posture is weakened by an invalid SSL certificate and lack of modern TLS protocol support, which poses risks to user trust and data security. Privacy compliance is partially met with a comprehensive privacy policy but lacks a cookie consent mechanism. Overall, the domain registration and WHOIS data align well with the business claims, indicating legitimacy and trustworthiness.

O

Osmo

playosmo.com

58

Osmo is an educational technology company specializing in interactive learning systems that combine physical game pieces with digital apps primarily for iPad and iPhone users. The website positions Osmo as an award-winning brand with a focus on fostering social intelligence and creative thinking through hands-on play. The business model centers on e-commerce sales of educational products and digital content, targeting parents and educators seeking engaging learning tools for children. The site is professionally designed with consistent branding and positive media testimonials, indicating a strong market presence in the education sector. Technically, the website is built on modern frameworks such as Next.js and React, hosted behind Cloudflare, and uses Google Tag Manager for analytics. While the site is mobile-optimized and SEO-friendly, performance metrics are unavailable. Security-wise, the site uses HTTPS with a valid SSL certificate but lacks modern TLS protocol support and OCSP stapling, which are important for robust security. Security headers are partially implemented, but critical headers like HSTS are not fully enabled. No privacy or cookie policies were found, indicating gaps in compliance with data protection regulations. Overall, the security posture is moderate with room for improvement in encryption protocols and privacy compliance. The absence of contact information and policy pages reduces transparency and user trust. The domain registration is consistent with the business claims, and no suspicious patterns were detected, supporting the legitimacy of the site. Strategic recommendations include enabling modern TLS protocols, fully implementing HSTS, publishing comprehensive privacy and cookie policies, adding contact information, and establishing a vulnerability disclosure program to enhance security and compliance posture.

R

Regus

regus.com

40

Regus is a well-established global provider of flexible workspace solutions, including office space, coworking, virtual offices, and meeting rooms. With a mature domain age of 29 years and a strong market presence as part of the IWG Group, Regus serves a broad audience of businesses seeking flexible and scalable workspace options. The website is professionally designed, leveraging modern technologies such as Next.js and Sitecore CMS, and offers comprehensive content and clear navigation to support user engagement. However, the current lack of a valid SSL certificate and disabled TLS protocols represent significant security vulnerabilities that must be addressed promptly to ensure secure communications and maintain user trust. Privacy and cookie policies are present and indicate good compliance with GDPR requirements. Overall, the site demonstrates a strong business credibility and digital maturity but requires immediate security improvements.

G

Geberit Vertriebs GmbH

geberit.at

39

Geberit Vertriebs GmbH operates as a European market leader in sanitary products, offering a comprehensive range of bathroom and piping systems, along with digital tools and professional services. The company maintains a strong local presence in Austria and is part of the larger Geberit Group, as indicated by DNS records and authoritative nameservers. The website is professionally designed, with excellent content quality and clear navigation, targeting both professional installers and end customers. Technically, the site uses modern frameworks such as Next.js and React, hosted on Microsoft Azure, and integrates Usercentrics for cookie consent management. However, the absence of a valid SSL/TLS certificate and proper HTTPS configuration is a critical security concern. Security headers are present but insufficient without proper encryption. Privacy compliance is well addressed with clear privacy and cookie policies, and GDPR compliance indicators are evident. Overall, the website is trustworthy and credible but requires urgent improvements in SSL configuration to enhance security and user trust.

N

Novocure GmbH

novocure.com

40

Novocure GmbH is a publicly traded oncology company specializing in innovative cancer therapies, notably Tumor Treating Fields (TTFields). The company positions itself as a leader in oncology technology, targeting patients with aggressive cancers and providing novel treatment options. Their website reflects a mature business with comprehensive content aimed at patients, healthcare professionals, and investors. Technically, the site uses modern web frameworks such as Next.js and Chakra UI, with a Drupal backend, and is hosted with Cloudflare DNS services. However, the absence of a valid SSL certificate and HTTPS support is a critical security flaw that undermines user trust and data security. Privacy policies and terms of service are well documented, indicating good compliance practices. Overall, Novocure demonstrates strong business credibility but must urgently address its SSL/TLS configuration to improve security posture.

H

HireRight

geninfo.com

37

HireRight is a global leader in employment background screening and workforce risk management, offering a comprehensive suite of services including identity verification, criminal background checks, employment and education verifications, and compliance solutions. The company integrates with major ATS and HCM platforms, providing a unified global screening platform that supports over 200 countries and territories. The website reflects a mature digital presence with excellent content quality and professional design, targeting HR professionals and enterprises seeking reliable screening services. However, the security posture is weak due to the absence of a valid SSL certificate and lack of HTTPS support, which poses significant risks to data confidentiality and user trust. Privacy compliance is partially addressed with a cookie consent mechanism but lacks a visible privacy policy. Overall, the site demonstrates strong business credibility but requires urgent security improvements to align with industry best practices.

L

Lingohub

lingohub.com

39

Lingohub is a technology company specializing in translation and localization management software designed to streamline and automate the localization process for various user groups including managers, translators, developers, and designers. Founded in 2012 and headquartered in Austria, Lingohub offers a SaaS platform with robust CAT tools, translation memory, machine translation, and integration capabilities with popular development and design tools. The company positions itself as a trusted partner for enterprises and developers seeking efficient localization workflows. Technically, the website is built on modern frameworks such as Next.js and React, hosted on Vercel, and uses a headless CMS (Storyblok) for content management. The site demonstrates good design quality, mobile optimization, and SEO practices. However, the security posture is currently weak due to an invalid SSL certificate and lack of TLS protocol support, which poses a critical risk to user trust and data security. Privacy compliance is strong with clear privacy and cookie policies and consent mechanisms in place. Overall, Lingohub presents a professional and credible online presence but must urgently address SSL and TLS issues to improve security and trustworthiness.

K

Kempinski Hotels

kempinski.com

40

Kempinski Hotels is a well-established luxury hospitality brand offering five-star hotels and resorts worldwide. The website reflects a mature and professional digital presence with comprehensive content targeting luxury travelers and business clientele. The brand emphasizes direct booking, loyalty programs, and a rich portfolio of global destinations. Technically, the site uses modern frameworks such as Next.js and React, hosted behind Cloudflare, ensuring good performance and mobile optimization. However, a critical security gap exists due to the absence of SSL/TLS certificates, severely impacting the security posture. While security headers are properly configured, the lack of HTTPS undermines user trust and data protection. Privacy and legal policies are comprehensive and GDPR compliant, but no cookie consent mechanism was detected. Overall, the site is professional and credible but requires urgent security improvements to protect user data and maintain trust.

D

Delegate Healthcare Solutions LLC

delegate-group.com

38

Delegate Healthcare Solutions LLC operates as a leading manufacturer of foodservice software tailored for communal catering environments such as healthcare facilities, educational institutions, and senior living communities. The company offers a comprehensive suite of software solutions including patient service, foodservice management, full-service catering, and key functionalities like enterprise resource planning and menu ordering systems. Their market position is strong, supported by partnerships with notable clients and a clear focus on delivering integrated, cloud-hosted, and mobile-optimized solutions. Technically, the website is built on modern frameworks like Next.js and hosted on Vercel, with a CMS likely based on Strapi. While the site demonstrates excellent content quality, branding consistency, and user experience, it suffers from critical security shortcomings, notably the absence of a valid SSL certificate and lack of modern TLS protocols. Privacy compliance is addressed through Cookiebot, ensuring consent mechanisms are in place. Overall, the business presents a credible and professional front but must urgently address its SSL/TLS configuration to improve security posture and trustworthiness.

S

SIG Combibloc Group Ltd.

sig.biz

62

SIG Combibloc Group Ltd. is a leading enterprise in the manufacturing sector specializing in innovative and sustainable packaging solutions including carton, bag-in-box, and spouted pouch packaging. The company holds a strong market position as an industry leader with a comprehensive portfolio and a global reach. Their website reflects a mature digital presence with professional design, clear navigation, and a focus on sustainability and innovation. Technically, the site uses modern frameworks such as Next.js and React, hosted on Microsoft Azure, with good mobile optimization and SEO practices. However, the security posture is impacted by an invalid or missing SSL certificate, which is a critical issue that should be addressed promptly. Privacy compliance is well managed with clear privacy and cookie policies and GDPR adherence. Overall, the website is trustworthy and professional but requires improvements in SSL configuration to enhance security.

B

BoehlerBrothers GmbH

boehlerbrothers.com

51

BoehlerBrothers GmbH is a small technology company based in Vorarlberg, Austria, specializing in app and web development, technology consulting, and artificial intelligence solutions. The company positions itself as a regional innovator with a strong focus on digital transformation and partnerships with reputable local and regional businesses. Their website reflects a professional and modern digital presence built on Next.js and React technologies, hosted via Cloudflare, and integrates marketing and feedback tools such as Google Analytics and Gleap. However, the site suffers from a critical security deficiency due to the absence of a valid SSL certificate, resulting in no HTTPS support and lack of security headers, which significantly impacts the security posture and user trust. Privacy compliance is partially addressed with a privacy policy present, but no cookie consent mechanism is evident. Contact information is clearly provided, enhancing business credibility. Overall, the website is content-rich and professionally designed but requires urgent security improvements to meet modern standards.

M

Mavie Work GmbH

consentiv.com

40

Mavie Work GmbH operates as a healthcare-focused B2B service provider specializing in comprehensive corporate health programs, including mental health support, physical wellness, and coaching services primarily targeting Austrian and German companies. The company has a mature market presence with over 15 years of domain registration and 20 years of operational experience, supported by multiple regional locations and digital platforms. Technically, the website leverages modern frameworks such as Next.js and Contentful CMS hosted on Google infrastructure, indicating a contemporary digital maturity. However, the absence of a valid SSL certificate and HTTPS implementation represents a critical security vulnerability that undermines user trust and data protection. Privacy compliance is partially addressed with a privacy policy present but lacks visible cookie consent mechanisms. Overall, the website demonstrates good business credibility and content quality but requires urgent security improvements to meet industry standards and regulatory requirements.

C

Campofrío Food Group, S.A.U

campofrio.es

40

Campofrío Food Group, S.A.U is a well-established Spanish company specializing in the production and commercialization of meat products. It holds a strong market position in Spain with a diverse portfolio of brands and products, focusing on quality, innovation, and sustainability. The website demonstrates a high level of content quality, with detailed product information, recipes, and corporate social responsibility initiatives. Technically, the site uses modern frameworks such as Next.js and Drupal CMS, ensuring good mobile optimization and user experience. However, the absence of a valid SSL certificate significantly impacts the security posture, reducing the overall security score. Privacy policies and cookie consent mechanisms are comprehensive and GDPR compliant, reflecting a mature approach to data protection. The company is part of the larger Sigma Alimentos group, with several subsidiary brands and dedicated service platforms. Overall, the website is professional and trustworthy but requires urgent attention to its SSL configuration to enhance security and user trust.

F

finderly GmbH & Co KG (Medieninhaber)

shpock.com

40

Shpock is a well-established online marketplace specializing in local second-hand classifieds across the United Kingdom, operated by finderly GmbH & Co KG based in Austria. The platform offers a wide range of categories including electronics, fashion, baby products, home & garden, and motors, supported by a strong mobile app presence with over 50 million downloads. The business model focuses on zero fees for sellers, monetizing through promoted listings and memberships, positioning Shpock as a leading player in the UK second-hand market. Technically, the website leverages modern web technologies such as React and Next.js, hosted behind Cloudflare, and integrates with payment and marketing services like Adyen, SendGrid, and Zendesk. However, the security posture is weakened by the absence of a valid SSL certificate and lack of modern TLS support, which poses risks to user data confidentiality and trust. Privacy and legal compliance are well addressed with comprehensive policies and GDPR adherence. Overall, Shpock presents a professional and trustworthy e-commerce platform with room for critical security improvements to enhance user trust and compliance.

K

Kemppi Oy

kemppi.com

40

Kemppi Oy is a Finnish manufacturer and supplier of advanced arc welding equipment, software, and safety products. The company holds a strong market position as a design leader in the arc welding industry, serving industrial welding companies and individual contractors globally. Their product portfolio includes welding machines for various processes, welding torches, personal protective equipment, and welding management software. The website demonstrates a mature digital infrastructure built on modern technologies like Next.js and Contentful CMS, hosted on AWS CloudFront, with good mobile optimization and SEO practices. Security posture is adequate with HSTS enabled, but the SSL certificate is currently invalid, which is a critical issue to address. Privacy and cookie policies are present and comprehensive, indicating good compliance with GDPR. The company maintains active social media engagement and provides extensive product documentation and multimedia content. Overall, the website reflects a professional, trustworthy, and well-established business with room for improvement in SSL configuration and additional security headers.

COS is a well-established international fashion brand specializing in modern, sustainable wardrobe essentials for women and men. The website reflects a strong brand identity with comprehensive content, multi-market localization, and a focus on sustainability. The technical infrastructure is modern, leveraging Next.js and React frameworks, hosted via Akamai CDN, and integrated with Storyblok CMS. However, a critical security gap is the absence of a valid SSL certificate, resulting in no HTTPS support and disabled TLS protocols, which severely impacts the security posture. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. Business credibility is high due to consistent branding, social media presence, and comprehensive legal documentation. Strategic improvements in security infrastructure are essential to protect user data and enhance trust.

C

Consulteer

schindlercreations.com

37

Consulteer is a European consulting and software development company specializing in human-centered design, software engineering, and cybersecurity services. The company positions itself as a one-stop innovation partner delivering market-ready products and solutions with a strong focus on the human element. The website reflects a mature and professional business with a clear market position and a medium-sized operational scale, founded in 2015 and headquartered in Switzerland. Technically, the website is built on modern frameworks such as Next.js and React, hosted via Cloudflare, and uses Contentful as a CMS. However, the website suffers from a critical security issue: the absence of a valid SSL certificate and HTTPS support, which severely impacts the security posture and user trust. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Contact information is limited to a contact form, with no direct emails or phone numbers publicly available. Overall, the website is content-rich and professionally designed but requires urgent security improvements to meet modern standards.

H&Z Unternehmensberatung AG is a well-established management consulting firm based in Munich, Germany, with a strong focus on strategy, procurement, transformation, sustainability, innovation, and technology. Founded in 1997, the company operates globally with over 600 consultants across 14 offices and is part of the larger H&Z Group and The Transformation Alliance. The website is professionally designed, content-rich, and targets leading organizations seeking strategic consulting services. Technically, the site uses modern frameworks such as Next.js and is hosted on Vercel, with cookie consent managed by Usercentrics and analytics via Google Tag Manager. However, the security posture is weakened by an invalid SSL certificate and lack of modern TLS protocol support, which poses risks to user trust and data security. Privacy compliance is partial, with cookie consent present but no visible privacy or terms of service policies. Overall, the site demonstrates high business credibility but requires urgent security improvements to align with best practices.

G

Glory Global Solutions (International) Limited

glory-global.com

40

Glory Global Solutions (International) Limited is a global enterprise specializing in cash automation and management solutions across multiple industries including retail, financial institutions, hospitality, gaming, and CIT cash centers. The company positions itself as a market leader with a comprehensive portfolio of products and services designed to enhance customer experience and operational efficiency. The website is professionally designed, content-rich, and targets B2B customers seeking advanced cash handling technologies. Technically, the site leverages modern frameworks such as Next.js and Sitecore CMS, hosted on Vercel, ensuring a good digital maturity level. However, the security posture is weakened by the absence of a valid SSL certificate and incomplete HTTPS implementation, which poses risks to user trust and data security. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site demonstrates high business credibility but requires urgent security improvements to align with best practices.

N

NovaTaste Austria GmbH

wiberg.eu

40

WIBERG, operated by NovaTaste Austria GmbH, is a well-established international spice and culinary product supplier targeting professional chefs, gastronomy, and catering sectors. The company offers a comprehensive range of high-quality products, supported by a professional and content-rich website that includes detailed product information, recipes, and sustainability commitments. Technically, the website is built on modern frameworks such as Next.js and React, hosted likely on Microsoft Azure, and demonstrates good design and user experience. However, a critical security issue is the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the site's security posture. While several security headers are implemented, the lack of HTTPS undermines these protections. Privacy compliance is good with a comprehensive privacy policy, but no explicit cookie consent mechanism was detected. Overall, the website is credible and professional but requires urgent security improvements to protect user data and enhance trust.

F

FLSmidth A/S

flsmidth.com

39

FLSmidth A/S is a global leader in mineral processing equipment and services, serving the mining industry with a comprehensive portfolio of products, parts, and digital solutions. The company emphasizes sustainability through its MissionZero program, aiming for zero-emissions mining by 2030. The website is built on a modern Next.js framework and hosted on Vercel, reflecting a mature digital infrastructure. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS enforcement, which significantly impacts the site's security posture. Despite this, the site provides extensive business and investor information, clear contact details, and demonstrates good privacy compliance with comprehensive legal pages. Overall, the site is professional and trustworthy but requires urgent security improvements to protect user data and enhance trust.

C

CMC Markets

cmcmarkets.com

40

CMC Markets is a well-established global online trading platform founded in 1989, offering leveraged trading on a wide range of financial instruments including forex, indices, commodities, cryptocurrencies, shares, ETFs, and bonds. The company operates multiple trading platforms such as MetaTrader 4, MetaTrader 5, TradingView integration, and its proprietary web and mobile platforms, serving over 1.5 million global clients. It is a FTSE 250 listed company with a strong market position and multiple regulatory licenses, including in Bermuda and the UK. The website is professionally designed, content-rich, and targets retail and institutional traders worldwide. Technically, the website is built on modern frameworks like Next.js and hosted on Vercel, with good mobile optimization and SEO practices. The platform supports multiple device types and integrates third-party services for enhanced user experience and marketing. However, the SSL certificate is currently invalid or missing, which is a critical security concern. Security headers are partially implemented, and there is no evidence of advanced security policies or incident response information on the site. The security posture is moderate with room for improvement, especially in SSL configuration and additional security headers. Privacy and cookie policies are present and indicate GDPR compliance, with clear consent mechanisms. Contact information is comprehensive, including phone, email, and physical addresses in multiple countries. The company demonstrates strong business credibility through trust indicators such as awards, Trustpilot reviews, and regulatory compliance. Overall, CMC Markets presents a professional and trustworthy online trading service with a mature digital presence. Addressing the SSL certificate issue and enhancing security headers would significantly improve the security posture and user trust.

T

Trenkwalder Group AG

trenkwalder.com

40

Trenkwalder Group AG is a large, established HR services provider operating across multiple European countries. The company offers a range of services including HR service, outsourcing, and technology solutions, targeting both job seekers and corporate clients. Their digital presence is supported by modern web technologies such as Next.js and Storyblok CMS, hosted likely on Microsoft Azure infrastructure. The website is professionally designed with good content quality and clear navigation, supporting multiple languages and country-specific domains. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap that undermines user trust and data protection. Security headers are well implemented but cannot compensate for the lack of encryption. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism or terms of service detected. The company maintains a strong social media presence and provides clear contact information, enhancing business credibility. Overall, the website demonstrates moderate digital maturity but requires urgent security improvements to meet modern standards.

G

Grupo La República Publicaciones

larepublica.pe

34

La República.pe is a prominent Peruvian news media company providing comprehensive news coverage across multiple domains including politics, economy, sports, entertainment, and international affairs. The website offers rich multimedia content such as videos, podcasts, and live updates, targeting Spanish-speaking audiences primarily in Peru. The company is well-established since 1981 and operates several subsidiary and partner sites, reinforcing its market presence. Technically, the site is built on modern web technologies including React and Next.js, hosted on Amazon CloudFront, and integrates advertising and analytics tools like Google Tag Manager, Teads, and Taboola. The site is mobile-optimized and SEO-friendly, providing a good user experience with clear navigation and professional design. From a security perspective, the site currently suffers from an invalid SSL certificate, which is a critical issue that undermines user trust and secure communications. Other security best practices such as HSTS, OCSP stapling, and DNSSEC are not implemented, indicating room for improvement. Privacy compliance is partial, with a comprehensive privacy policy but no detected cookie consent mechanism. Overall, the site is a high-quality, trusted news source with strong business credibility but needs urgent attention to its SSL configuration and privacy compliance to enhance security and user trust.

A

Ahoi Kapptn FlexCo

ahoikapptn.com

40

Ahoi Kapptn FlexCo is a technology-focused company specializing in digital solutions for businesses, including consulting, UI/UX design, AI applications, and scalable software development. The company serves a diverse clientele including notable brands such as Red Bull, SAP, and the Austrian Football Association, positioning itself as a trusted provider of innovative digital products. Their business model revolves around delivering end-to-end digital product development and optimization services, targeting businesses seeking to evolve their digital presence and capabilities. Technically, the website is built on a modern stack using Next.js and React, hosted on Vercel, with native mobile app development capabilities demonstrated in their projects. The site is well-structured, mobile-optimized, and rich in content, reflecting a mature digital infrastructure. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS enforcement, which undermines user trust and data security. Privacy compliance is generally good, with a clear privacy policy and GDPR adherence, though the lack of a cookie consent mechanism is a notable shortfall. Overall, the website presents a professional and credible business front but requires urgent security improvements to align with best practices and user expectations.

P

ProSiebenSat.1 PULS 4

puls4.com

39

PULS 4 is a prominent Austrian media company offering a comprehensive TV broadcasting and streaming platform, integrated with the JOYN service. The website targets German-speaking audiences in Austria with a rich variety of content including live TV, series, news, and entertainment. The business operates under the umbrella of ProSiebenSat.1 Media SE, reflecting a strong market position in the Austrian media landscape. Technically, the site leverages modern web technologies such as Next.js and is hosted on Amazon CloudFront, ensuring scalability and performance. However, the absence of a valid SSL certificate is a significant security concern that undermines user trust and data protection. Privacy and legal compliance are well addressed with comprehensive policies and consent mechanisms. Overall, the site demonstrates a mature digital presence but requires urgent remediation of its SSL/TLS configuration to meet security best practices.

Bahlsen GmbH & CO. KG is a well-established German company specializing in the production and sale of high-quality pastries, cookies, and wafers with a history spanning over 130 years. The website targets consumers interested in premium bakery products and maintains a strong brand presence with localized content for multiple countries. Technically, the site is built using modern frameworks such as Next.js and React, hosted on Vercel, and integrates a headless CMS (Storyblok) for content management. However, the website currently lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security vulnerability. While security headers like Content-Security-Policy and Strict-Transport-Security are present, the absence of HTTPS and modern TLS protocols significantly weakens the security posture. Privacy compliance is partially met with a comprehensive privacy policy and terms of use, but no cookie consent mechanism is detected. Overall, the site demonstrates good business credibility and professional content but requires urgent security improvements.

Takeda Pharma A/S, a subsidiary of Japan's largest pharmaceutical company, operates a comprehensive and professionally designed Danish website that reflects its global presence and commitment to healthcare innovation. The company focuses on developing and providing innovative pharmaceutical solutions, emphasizing patient access and collaboration with healthcare partners. The website demonstrates strong digital maturity with modern technologies like Next.js and React, hosted on Cloudflare and Vercel, and integrates privacy and cookie compliance mechanisms effectively. However, a critical security gap exists due to the absence of a valid SSL certificate, which undermines the site's security posture. While security headers and best practices are partially implemented, the lack of HTTPS significantly impacts the overall security score. The site provides clear contact information, social media links, and extensive business information, reinforcing its credibility. Strategic recommendations include immediate SSL certificate renewal, full HSTS implementation, and enhanced security policy disclosures to improve trust and compliance.

B

Bayer G4A

grants4apps.com

36

Bayer G4A operates as a healthcare innovation accelerator focused on digital health startups, providing funding, consulting, and expertise to scale businesses that transform healthcare experiences. The website positions Bayer G4A as a leading pharmaceutical accelerator with a portfolio of over 150 startups and multiple commercial collaborations worldwide. Technically, the site is built on modern frameworks such as Next.js and hosted on Vercel, with content managed via Builder.io, reflecting a contemporary digital infrastructure. However, the site lacks a valid SSL certificate and proper HTTPS configuration, which is a critical security concern. Additionally, privacy and cookie policies are not found, and direct contact information such as emails or phone numbers is absent, limiting transparency and user trust. Overall, the site demonstrates moderate business credibility and technical maturity but requires urgent security and privacy improvements.

EssenceMediacom Holdings Limited operates as a global media and communications agency, delivering integrated media solutions, analytics, and creative futures to a diverse range of brands. With a mature domain age of 20 years and a presence in 96 markets supported by 120 offices and over 10,000 employees, the company holds a strong market position within the media industry. Their website reflects a professional and content-rich platform targeting brands seeking breakthrough communications strategies. Technically, the website leverages modern frameworks such as Next.js and React, hosted on Cloudflare, and managed via DatoCMS, indicating a mature digital infrastructure. However, a critical security gap exists due to the absence of a valid SSL certificate, which undermines the security posture despite the presence of robust security headers and content security policies. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website demonstrates high professionalism and trustworthiness but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

G

Geberit Gruppe

geberit.com

40

Geberit Gruppe is a leading European manufacturer of sanitary products, recognized as a market leader with a comprehensive product portfolio including installation and flushing systems, piping systems, and bathroom systems. The company targets professionals in the sanitary industry, investors, media, and career seekers, emphasizing innovation, quality, and sustainability. The website reflects a mature digital presence with modern technologies such as React and Next.js, hosted on Microsoft Azure, and includes a consent management system for privacy compliance. Security headers are implemented; however, the SSL certificate is currently invalid, and no modern TLS protocols are enabled, which poses a security risk. Overall, the website is professional, well-structured, and trustworthy, but the SSL issues should be addressed promptly to enhance security and user trust.

S

SoftwareOne Österreich GmbH

comparex.at

40

SoftwareOne Österreich GmbH is a leading enterprise software and cloud solutions provider with a strong global presence and local expertise in Austria. The company offers a broad range of services including cloud migration, application modernization, IT asset management, software sourcing, and customer training. Their business model focuses on B2B services, supporting digital transformation initiatives for enterprises across multiple industries. Technically, the website is built on modern frameworks such as Next.js and React, hosted on Vercel, and integrates advanced cookie consent and analytics tools. However, the security posture is weakened by an invalid SSL certificate and lack of TLS protocol support, which poses a significant risk. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the website demonstrates high professionalism and business credibility but requires urgent improvements in SSL/TLS configuration to enhance security.

C

Ceramiche Atlas Concorde S.p.A.

atlasconcorde.com

40

Atlas Concorde is a well-established Italian manufacturer specializing in ceramic and porcelain tiles for floors, walls, outdoor spaces, furniture, and related products. The company has a mature market presence with 25 years of experience and offers a comprehensive product system including various collections and innovative technologies. The website demonstrates a high level of digital maturity with a modern tech stack based on Next.js and Vercel hosting, providing a professional and user-friendly experience across multiple languages. Security measures are in place with several HTTP security headers configured; however, the absence of a valid SSL certificate and lack of advanced SSL features like OCSP stapling reduce the overall security posture. Privacy and cookie policies are comprehensive and GDPR compliant, supporting strong privacy practices. Overall, the website reflects a credible and professional business with a solid online presence.

S

Saffron Brand Consultants

saffron-consultants.com

32

Saffron Brand Consultants is a well-established global brand consultancy specializing in creating memorable brand experiences through strategy, design, and product delivery. With multiple international offices and a strong portfolio of clients in technology and other sectors, Saffron positions itself as a leader in brand identity and experience ecosystems. The website reflects a professional and consistent brand image with rich multimedia content and comprehensive policy documentation. Technically, the site uses modern frameworks such as Next.js and React, with CDN and video hosting integrations, but lacks HTTPS which is a critical security gap. Security headers are partially implemented but the absence of SSL/TLS severely impacts the security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the business credibility is high, but urgent security improvements are needed to protect user data and trust.

A

Austria Center Vienna

acv.at

39

Austria Center Vienna (ACV) is Austria's largest congress center, offering extensive event spaces and modern technology in a central location in Vienna. It serves a wide range of event types including congresses, exhibitions, corporate events, product presentations, galas, and e-sports, targeting both national and international clients. The business is operated by the public company IAKW-AG and holds a strong market position with numerous awards and certifications, emphasizing sustainability and innovation. Technically, the website is built on modern frameworks like Next.js and React, hosted via Cloudflare, and integrates consent management tools such as Usercentrics. However, the security posture is currently weak due to the absence of a valid SSL certificate and lack of TLS protocol support, which is a critical issue. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the website is professional, content-rich, and trustworthy but requires urgent security improvements to protect user data and enhance trust.

R

Ricoh USA, Inc.

ricoh-usa.com

40

Ricoh USA, Inc. is a leading enterprise providing digital business services and printing solutions primarily targeting businesses, government agencies, and educational institutions in the United States. The company offers a comprehensive portfolio including managed print services, cloud and IT infrastructure, cybersecurity, and business process automation. Their market position is reinforced by industry recognitions such as being named a leader in cloud print services by Quocirca and IDC MarketScape. Technically, the website is built on modern frameworks like React and Next.js, managed via Contentful CMS, and hosted with Cloudflare DNS services. However, the site suffers from a critical security weakness due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts its security posture. Privacy and cookie policies are well implemented with consent mechanisms, and contact information is readily available through multiple channels. Overall, the website demonstrates strong business credibility and content quality but requires urgent security improvements to protect user data and enhance trust.

D

durchblicker GmbH

durchblicker.at

37

durchblicker GmbH operates Austria's largest tariff comparison portal, specializing in consumer savings on household fixed costs such as insurance, energy, finance, and telecommunications. The platform offers a broad range of comparison calculators and personalized expert consultations, positioning itself as a trusted advisor for Austrian consumers. The website is professionally designed, mobile-optimized, and rich in relevant content, supporting a strong market presence. Technically, the site leverages modern frameworks like Next.js and React, hosted on Google Cloud infrastructure with Cloudflare DNS services. However, the security posture is notably weak due to the absence of a valid SSL certificate and lack of support for modern TLS protocols, exposing users to potential risks. Privacy compliance is well addressed with clear policies and consent mechanisms, and business credibility is reinforced by strong trust signals including eKomi ratings and industry awards. Strategic improvements in SSL/TLS implementation and DNS security would significantly enhance the overall security and trustworthiness of the platform.

iSi GmbH is a well-established global manufacturer specializing in pressurized gas chargers and related solutions across automotive, components, and culinary sectors. Founded in 1867 in Vienna, the company has a strong market presence with operations in over 90 countries. The website reflects a professional digital presence using modern web technologies such as Next.js and React, supported by a Shopware 6 CMS backend. However, the site suffers from critical security shortcomings, notably the absence of a valid SSL certificate and disabled TLS protocols, which severely impact the security posture and user trust. Privacy compliance is well addressed with comprehensive policies and a consent management platform. The company maintains transparency through corporate policies and whistleblower mechanisms, and engages users via social media and career portals.

C

CPB Contractors

cpbcon.com.au

40

CPB Contractors is a well-established major contractor specializing in critical and complex infrastructure projects across Australia and New Zealand. The company operates as a subsidiary of the CIMIC Group and holds a leading market position in sectors such as transport, energy, and construction. Their website reflects a professional business model focused on large-scale infrastructure delivery, with key services including rail, tunneling, roads, water, and new energy projects. The target audience includes government agencies, industry partners, and prospective employees. Technically, the website is built on modern frameworks including Next.js and Material-UI, integrated with Sitecore CMS, and employs Google Analytics and Tag Manager for tracking. However, the site suffers from slow load times and lacks a valid SSL certificate, which critically impacts security and user trust. Mobile optimization and SEO are adequately addressed, but accessibility features are basic. From a security perspective, the absence of HTTPS and security headers represents a significant vulnerability. No explicit security policies or incident response contacts are published, and privacy compliance is limited despite the presence of a privacy policy. The site uses tracking technologies but lacks cookie consent mechanisms, indicating partial privacy compliance. Overall, the website is functional and professional but requires urgent security improvements, especially SSL implementation and enhanced privacy compliance, to reduce risk and improve trustworthiness.

G

GEA Group Aktiengesellschaft

gea.com

40

GEA Group Aktiengesellschaft is a leading global supplier of systems and components primarily serving the food, beverage, and pharmaceutical industries. Founded in 1881 and headquartered in Germany, GEA offers a comprehensive portfolio including machinery, plants, advanced process technology, components, and services. The company is publicly listed and recognized for its sustainability efforts, being part of major sustainability indices. Technically, the website is built on modern frameworks such as Next.js and hosted on Microsoft Azure, with a Sitecore CMS backend, providing a rich and well-structured user experience across multiple languages. However, the security posture is currently weak due to the absence of a valid SSL/TLS certificate and lack of HTTPS support, which poses significant risks to data integrity and user trust. Privacy and cookie policies are well implemented and GDPR compliant, reflecting a strong commitment to data protection. Overall, the website demonstrates high professionalism and business credibility but requires urgent improvements in its security infrastructure to align with best practices and protect its users.

S

SimCorp A/S

simcorp.com

40

SimCorp A/S is an established enterprise software provider specializing in integrated, multi-asset investment management solutions for leading asset managers globally. The company offers a comprehensive platform, SimCorp One, alongside specialized point solutions such as Axioma risk models. The website reflects a mature business with a strong market position, supported by numerous industry awards and client testimonials. Technically, the site is built on modern frameworks including Next.js and hosted on Vercel, with a headless Sitecore CMS backend, ensuring good digital maturity and user experience. However, the security posture is notably weak due to the absence of a valid SSL certificate and lack of TLS protocol support, which poses significant risks to data confidentiality and user trust. Privacy and legal compliance are well addressed with comprehensive policies and GDPR adherence. Overall, the site is professional and credible but requires urgent security improvements to align with best practices.

I

International Workplace Group plc

iwgplc.com

40

International Workplace Group plc (IWG) is a global leader in providing hybrid working solutions through an extensive network of office spaces, coworking locations, virtual offices, and meeting rooms. The company targets businesses and professionals seeking flexible workspace options worldwide, positioning itself as the premier provider in the real estate sector for hybrid work environments. Their business model revolves around workspace-as-a-service, offering scalable and customizable solutions to meet diverse client needs. Technically, the website leverages modern frameworks such as Next.js and Sitecore CMS, hosted on Azure, with integrations including OneTrust for privacy management and Google Tag Manager for analytics. The site demonstrates excellent mobile optimization, accessibility, and SEO practices, although performance metrics are moderate due to lack of explicit data. From a security perspective, the site exhibits several best practices including comprehensive security headers and secure cookie attributes. However, a critical issue is the absence of a valid SSL certificate and lack of HTTPS enforcement, which significantly impacts the security posture. Other vulnerabilities include disabled TLS protocols and missing HSTS enforcement. Privacy compliance is strong with clear policies and consent mechanisms in place. Overall, while the business and technical aspects of the website are robust and professional, the critical security gaps related to SSL/TLS must be addressed promptly to ensure user trust and data protection. Strategic recommendations include immediate SSL certificate installation, enabling modern TLS protocols, and enhancing security headers to elevate the security posture.

EssenceMediacom is a global media agency specializing in creating breakthroughs for brands across diverse industries. With over 10,000 employees operating in 96 markets, the company offers integrated media solutions, analytics, creative futures, and specialist B2B marketing services. The website reflects a strong market position supported by a comprehensive service portfolio and global reach. Technically, the site is built on modern frameworks such as Next.js and React, hosted via Cloudflare, and uses DatoCMS for content management. While the site demonstrates good mobile optimization, accessibility, and SEO practices, performance metrics indicate slower load times that could be improved. Security posture is moderate; although security headers and content security policies are well implemented, the lack of a valid SSL certificate and disabled TLS protocols represent significant vulnerabilities. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place. Overall, the site is professional and trustworthy but requires urgent SSL and TLS improvements to enhance security and user trust.

fiskaly GmbH is a technology company specializing in cloud-based fiscalization solutions tailored for European markets including Germany, Austria, Spain, Italy, and France. Their services focus on enabling retailers and POS providers to comply with complex fiscal regulations through APIs and cloud services. fiskaly holds a strong market position as a leading provider of cloud TSS solutions in Germany and is expanding its footprint across Europe. The website demonstrates a professional, well-branded presence with comprehensive content, customer testimonials, and partner endorsements. Technically, the website is built on a modern Next.js framework hosted on Netlify, leveraging React and various marketing and analytics tools such as Google Tag Manager and Visual Website Optimizer. The site is mobile-optimized and accessible, with good SEO practices. However, a critical security issue is present due to an invalid or missing SSL certificate and disabled TLS protocols, which significantly impacts the security posture. Security-wise, fiskaly implements several best practices including HSTS and security headers, and holds ISO 27001 certification, indicating a mature security framework. Despite this, the lack of a valid SSL certificate and TLS support is a major vulnerability that must be addressed urgently to protect user data and maintain trust. Overall, fiskaly presents a credible and professional business with strong compliance and technical capabilities but must remediate critical SSL/TLS issues to ensure secure and trustworthy operations online.

Electrolux is a globally recognized leader in household appliances, offering a wide range of products including cooking, cooling, laundry, vacuum cleaners, and small kitchen appliances. The website targets Finnish consumers, providing comprehensive product information, promotions, and support services. The digital infrastructure is built on modern technologies such as Next.js, ensuring a responsive and user-friendly experience. While the site employs multiple analytics and marketing tools for personalization and tracking, it maintains good privacy compliance with clear cookie and privacy policies. Security headers are implemented, but the absence of a valid SSL certificate and some advanced security features reduces the overall security posture. The domain registration aligns well with the business identity, confirming legitimacy. Strategic improvements in SSL management and enhanced security practices are recommended to strengthen trust and compliance.

F

Freshfields

freshfields.com

40

Freshfields is a leading global law firm serving the world’s biggest international organizations with comprehensive legal advisory services. The firm is well-positioned in the market with elite rankings and a strong brand presence. Their website reflects a mature digital infrastructure using modern web technologies such as React and Next.js, hosted on Cloudflare with extensive use of analytics and marketing tools. However, the security posture is weakened by an invalid SSL certificate and lack of enabled TLS protocols, which poses a critical risk to secure communications. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is professional and trustworthy but requires urgent remediation of SSL/TLS issues to ensure secure client interactions.

C

CloudBees, Inc.

cloudbees.com

40

CloudBees, Inc. is a leading enterprise software company specializing in continuous integration and continuous delivery (CI/CD) solutions, primarily based on Jenkins. The company offers a comprehensive suite of DevOps tools and platforms designed to accelerate software delivery, improve developer productivity, and ensure security and compliance at scale. CloudBees holds a strong market position as the #1 Jenkins enterprise CI/CD platform provider, serving large enterprises globally with a focus on technology sectors. Their business model includes SaaS and on-premises offerings, targeting enterprise development teams and IT executives. Technically, CloudBees employs modern web technologies such as React and Next.js, hosted on AWS infrastructure with integrations to major cloud providers. The website demonstrates good digital maturity with responsive design, SEO optimization, and accessibility considerations. Marketing and analytics tools are implemented with user consent mechanisms, reflecting privacy compliance. From a security perspective, while the website implements multiple security headers and policies, a critical issue is the invalid or missing SSL certificate and disabled TLS protocols, which significantly impact the security posture. The company maintains security policies, incident response contacts, and certifications such as SOC 2 and ISO 27001, indicating a mature security framework. However, immediate remediation of SSL and TLS configurations is necessary to protect user data and maintain trust. Overall, CloudBees presents a professional and trustworthy online presence with strong business credibility and technical infrastructure. Addressing the SSL and TLS issues will elevate their security posture and align with their enterprise-grade offerings.

U

UNTHA shredding technology GmbH

untha.com

29

UNTHA shredding technology GmbH is a well-established manufacturer specializing in industrial shredding machines for various waste and recycling applications. With over 50 years of experience and a global presence including subsidiaries in the US, the company offers tailored shredding solutions for materials such as residual wood, metal, plastics, electronic waste, and more. The website reflects a professional and comprehensive digital presence with detailed product information and customer testimonials. Technically, the site uses modern frameworks like Next.js and React, hosted on AWS CloudFront, and integrates privacy and analytics tools such as Cookiebot, Google Tag Manager, and Matomo. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security gap that significantly impacts the site's security posture. Security headers are properly configured, but the lack of TLS protocols and certificate transparency compliance are notable vulnerabilities. Overall, the site is trustworthy and business credible but requires urgent security improvements to protect user data and enhance trust.

D

Dorner Electronic GmbH

dorner.at

35

Dorner Electronic GmbH is a medium-sized Austrian company specializing in technology and software solutions for concrete manufacturers, including ready-mix, precast concrete, dry batch, and bulk material sectors. The company positions itself as a European market leader with a global presence through subsidiaries and partner networks. Their offerings include automation solutions, software products, and apps that digitalize and optimize production processes from order to invoicing. Technically, the website is built on modern frameworks such as Next.js and React, hosted on HostingHub Cloud, and demonstrates good mobile optimization and SEO practices. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts the security posture. Privacy and cookie policies are present and GDPR compliant, and contact information is clearly provided, enhancing business credibility. Overall, the website is professional and content-rich but requires urgent security improvements to protect user data and maintain trust.