Security Directory

T

Transsystem Spółka Akcyjna

transsystem.pl

32

Transsystem Spółka Akcyjna is a Polish manufacturing company specializing in the production and general contracting of technological transport systems, primarily serving the tire industry, intralogistics, and e-commerce sectors. With over 31 years of market presence and a portfolio of international projects, the company maintains a solid market position supported by partnerships with major industry players such as Michelin, Goodyear, and Bridgestone. The website reflects a professional business model focused on manufacturing and technological transport solutions. Technically, the site is built on WordPress with common plugins like Yoast SEO and Contact Form 7, and it integrates Google Tag Manager and reCAPTCHA for analytics and security. However, the absence of a valid SSL certificate and HTTPS support is a significant security shortfall, exposing users to potential risks. Privacy and cookie policies are present and appear comprehensive, supporting GDPR compliance. Overall, the site demonstrates moderate digital maturity but requires urgent security improvements to align with best practices.

P

planlicht GmbH&Co. KG

planlicht.com

40

PLANLICHT GmbH&Co. KG is an Austrian company specializing in architectural LED lighting solutions, serving sectors such as office, public, hospitality, and retail. Their website offers a comprehensive product catalog, customization options, and detailed technical documentation, targeting architects and lighting professionals. The company maintains a professional online presence with multilingual support and active social media channels. Technically, the website is built on WordPress with popular plugins and frameworks, providing a good user experience and moderate performance. However, the absence of a valid SSL certificate and HTTPS support is a critical security flaw that undermines user trust and data protection. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Business credibility is supported by clear contact information, job listings, and consistent branding. Overall, the site is functional and professional but requires urgent security improvements.

Boston Scientific Corporation is a leading global healthcare company specializing in innovative medical devices and solutions aimed at improving patient outcomes. The website targets healthcare professionals, patients, caregivers, investors, and other stakeholders, offering comprehensive product information, educational resources, and corporate responsibility content. The company is well-established with a mature domain and strong brand presence. Technically, the website leverages Adobe Experience Manager as its CMS, integrates modern marketing and analytics tools such as Adobe Target and Google Tag Manager, and provides a responsive, accessible user experience. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts the site's security posture. Security headers and content security policies are implemented but their effectiveness is limited without HTTPS. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site demonstrates high business credibility and professionalism but requires urgent remediation of its SSL/TLS configuration to ensure user trust and data protection.

SPP Pension & Försäkring AB is a well-established Swedish financial services company specializing in pension, savings, and insurance solutions for both private individuals and businesses. The website reflects a mature digital presence with comprehensive content tailored to its Swedish audience, emphasizing sustainable and accessible pension products. The company operates under the parent company Storebrand, reinforcing its market position in the Nordic financial sector. Technically, the site leverages modern frameworks such as Blazor Server and integrates multiple third-party marketing and analytics tools, including Google Tag Manager, Hotjar, and Salesforce platforms. However, a critical security gap exists due to the absence of a valid SSL certificate and lack of HTTPS enforcement, which significantly impacts the site's security posture. While privacy and cookie policies are well implemented with consent mechanisms, no explicit security policy or incident response contacts are found. Overall, the site is professional and trustworthy but requires urgent remediation of its SSL/TLS configuration to ensure secure user interactions.

T

Ticket Gretchen GmbH

ticketgretchen.com

38

Ticket Gretchen GmbH operates a mobile application platform focused on providing fast and direct ticket sales for cultural events across Austria, including theater, musicals, concerts, and operas. The company targets cultural enthusiasts, especially younger demographics such as U27 and U30, offering exclusive promotions and original tickets without price surcharges. The website reflects a professional and well-branded presence with comprehensive event listings and user testimonials, positioning the company as a leading cultural ticketing service in Austria. Technically, the website is built on WordPress with modern plugins and frameworks such as Bootstrap and WPBakery Page Builder. It integrates analytics and marketing tools including Google Analytics, Google Tag Manager, and Facebook Pixel, supporting moderate user tracking and marketing efforts. Hosting is provided via Amazon AWS DNS infrastructure. The site is mobile-optimized and SEO-friendly, delivering a good user experience. From a security perspective, the website lacks HTTPS encryption, which is a critical vulnerability exposing users to potential data interception. Security headers are minimal, and no advanced security policies or incident response information are published. While no immediate vulnerabilities or malware are detected, the absence of SSL/TLS and security best practices significantly lowers the security posture. Overall, the business is credible and trustworthy based on domain registration consistency, clear contact information, and positive user feedback. However, the lack of HTTPS and cookie consent mechanisms presents compliance and security risks. Strategic improvements in security infrastructure and privacy compliance are recommended to enhance user trust and regulatory adherence.

ConSol Consulting & Solutions Software GmbH is a medium-sized German IT service provider specializing in custom IT solutions and product solutions across the entire software lifecycle. The company has a strong market position with notable clients such as BMW Group, Union Investment, and Lidl, and holds ISO 9001 and ISO 27001 certifications. Their website is professionally designed, content-rich, and well-structured, targeting businesses seeking tailored IT and software services. Technically, the site is built on TYPO3 CMS with modern frontend frameworks and integrates multiple analytics and marketing tools. However, the current lack of a valid SSL certificate and absence of HTTPS support represent critical security vulnerabilities that must be addressed promptly. The security posture is otherwise supported by appropriate security headers but lacks advanced SSL/TLS configurations. Overall, the website demonstrates good privacy compliance with comprehensive cookie and privacy policies and consent mechanisms. Strategic improvements in SSL/TLS implementation and security configurations are recommended to enhance trust and security.

Luxoft, a DXC Technology Company founded in 2000 and headquartered in Switzerland, is a global enterprise technology services provider specializing in software engineering and digital transformation. The company serves multiple industries including automotive, finance, telecommunications, energy, and retail, offering a broad portfolio of services such as cloud solutions, data analytics, machine learning, and legacy modernization. Luxoft positions itself as a trusted partner for enterprises seeking to modernize IT systems and achieve sustainable digital advantage. The website reflects a mature digital presence with comprehensive content, structured data, and clear navigation targeting enterprise clients worldwide. Technically, the site uses modern frameworks and integrates advanced marketing and analytics tools with consent management, indicating a high level of digital maturity. However, the security posture is weakened by an invalid SSL certificate and lack of TLS support, which poses significant risks to secure communications and user trust. Privacy compliance is well addressed with clear policies and cookie consent mechanisms. Overall, Luxoft demonstrates strong business credibility and professionalism but should urgently remediate SSL/TLS issues to enhance security and trust.

ASM is a leading enterprise in the semiconductor technology and manufacturing sector, specializing in advanced equipment and process technologies such as Atomic Layer Deposition, Epitaxy, and Silicon Carbide processing. The company has a strong market position supported by over 50 years of innovation and a comprehensive digital presence targeting semiconductor manufacturers, investors, and job seekers. Technically, the website employs modern tracking and marketing technologies including Google Tag Manager, Hotjar, and Facebook Pixel, hosted behind Cloudflare. However, the site suffers from critical SSL certificate issues, lacking valid HTTPS encryption and TLS protocol support, which significantly impacts its security posture. Despite strong security headers and privacy policies, the invalid SSL undermines trust and security. The absence of direct contact information on the site limits user engagement channels. Overall, ASM demonstrates a mature business and digital footprint but requires urgent remediation of SSL and encryption to enhance security and user trust.

Smurfit Kappa is a globally recognized FTSE 100 company specializing in paper-based packaging solutions with operations in over 30 countries. The website reflects a mature business with a strong emphasis on sustainability, innovation, and customer-centric packaging services across multiple sectors. The digital infrastructure leverages modern technologies such as React and Sitecore CMS, supported by marketing and analytics tools including Google Tag Manager, Cookiebot, and LinkedIn Insight Tag. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS configuration, which undermines the site's security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site demonstrates high professionalism and trustworthiness but requires urgent remediation of its SSL/TLS issues to ensure secure user interactions.

Roland Berger is a well-established global management consultancy with a significant presence in Brazil through its São Paulo office, founded in 1976. The company offers a broad range of consulting services across multiple industries, focusing on corporate performance, digital transformation, and sustainability. The website reflects a professional and consistent brand image targeting business clients seeking expert advisory services. Technically, the site uses modern web technologies including AngularJS, Usercentrics for consent management, Google Tag Manager, and Matomo analytics, hosted behind Cloudflare. However, the security posture is weakened by the lack of a valid SSL certificate and absence of HTTPS enforcement, which is a critical issue for trust and compliance. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Contact information is comprehensive and clearly presented, enhancing business credibility. Overall, the site is content-rich and professionally maintained but requires urgent improvements in SSL/TLS configuration to enhance security and user trust.

A

Agos Ducato S.p.A.

agosducato.it

35

Agos Ducato S.p.A. is a well-established Italian consumer credit company with over 30 years of market presence, serving millions of customers through a large network of branches and digital platforms. The website provides comprehensive corporate information, social responsibility initiatives, and partner portals, reflecting a mature business model focused on customer-centric financial services. Technically, the site uses ASP.NET Web Forms with modern JavaScript libraries and integrates advanced consent management and analytics tools. However, the absence of a valid SSL certificate and missing DNS records represent significant security and operational risks. While the site demonstrates good privacy compliance and business credibility, these technical shortcomings reduce overall trust and security posture. Strategic improvements in SSL deployment, DNS configuration, and enhanced security headers are recommended to align the website with industry best practices and regulatory requirements.

J

Jobindex A/S

jobindex.dk

35

Jobindex A/S operates a leading Danish job portal that aggregates over 30,000 job listings daily, providing services for both job seekers and employers. The platform offers comprehensive job search capabilities, CV creation, job application guidance, and recruitment services, positioning itself as a key player in Denmark's employment market. The website is professionally designed with excellent content quality, clear navigation, and strong branding consistency, targeting Danish-speaking users primarily but also supporting English language options. Technically, the site employs modern JavaScript libraries and analytics tools such as jQuery, Bootstrap, Sentry, Google Tag Manager, and Piwik PRO, ensuring a robust digital infrastructure. However, the absence of a valid SSL certificate and disabled TLS protocols represent a critical security vulnerability that undermines user trust and data protection. Privacy compliance is well addressed with explicit cookie consent mechanisms and comprehensive privacy and cookie policies. Contact information and company legitimacy are clearly presented, enhancing business credibility.

Veolia Australia and New Zealand operates as a leading provider of sustainable environmental solutions focusing on water, energy, and waste management. The company leverages global expertise and innovative technologies to support ecological transformation and sustainability goals for businesses and communities in the region. The website reflects a mature digital presence with comprehensive content, clear navigation, and professional branding consistent with a large enterprise. Technically, the site is built on Drupal 10 and uses modern web technologies and Cloudflare CDN for delivery. However, the absence of a valid SSL certificate and lack of modern TLS protocols significantly weaken the security posture. Privacy compliance is well addressed with accessible privacy and cookie policies and consent mechanisms. Contact is primarily facilitated through webforms and social media channels, with no explicit company emails or phone numbers publicly listed. WHOIS data confirms domain legitimacy and consistency with the business claims. Overall, the site is professional and content-rich but requires urgent security improvements to meet best practices.

C

CASO Document Management

scanpointusa.com

24

CASO Document Management is a medium-sized technology company specializing in document scanning, content management software, workflow automation, and related hardware solutions. Their website showcases a comprehensive portfolio of services and products aimed at helping businesses transition to paperless workflows and improve operational efficiency. The company holds a SOC 2 Type II certification, reinforcing their commitment to security and trust. Technically, the website is built on WordPress with the Divi theme and integrates various modern web technologies including Gravity Forms and Google Analytics. However, a critical security gap is the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the site's security posture. Privacy compliance is well addressed with a cookie consent mechanism and a comprehensive privacy policy. Overall, the website is professional, content-rich, and trustworthy but requires urgent attention to its SSL/TLS configuration to ensure secure communications and maintain user trust.

Leder & Schuh AG operates the HUMANIC brand, a well-established shoe retailer and manufacturer with over 150 years of history. The company serves multiple Central and Eastern European markets through both online shops and physical stores, positioning itself as a market leader in Austria and surrounding countries. The website provides comprehensive business and product information, targeting consumers seeking quality footwear internationally. Technically, the site uses a modern tech stack including SAP Commerce, Google Tag Manager, and various marketing and analytics tools, hosted behind Cloudflare. However, the security posture is weak due to the absence of a valid SSL certificate and lack of HTTPS support, exposing users to potential risks. Privacy compliance is addressed with cookie consent mechanisms and privacy policies, though some improvements are recommended. Overall, the website is professional and trustworthy but requires urgent security enhancements to protect user data and maintain credibility.

P

Peter Ofner GmbH

dirak.at

31

Peter Ofner GmbH is a specialized Austrian company providing innovative and tailored locking technology, hinges, and connection solutions primarily for industrial clients. The company positions itself as an expert in the manufacturing sector with a focus on quality products and personalized consulting. The website reflects a professional and well-structured digital presence, leveraging modern consent management and analytics tools, but lacks a valid SSL certificate and HTTPS support, which is a critical security shortfall. DNS records are notably missing or incomplete, which raises concerns about domain configuration consistency. Overall, the site offers comprehensive contact information and basic privacy compliance but lacks explicit security policies and incident response details.

L

Leadcom

leadcom-is.com

36

Leadcom Integrated Solutions (L.I.S.) Ltd., a Tech Mahindra company, is a medium-sized international telecommunications network deployment and solutions provider with a strong presence across Africa. The company offers a comprehensive portfolio of services including telecom infrastructure solutions, tower portfolio management, coverage enhancement, energy efficiency, site security, and network services. Their business model focuses on serving telecom operators, TowerCos, OEMs, and governmental/private enterprises with a professional and efficient network and operations platform. The website reflects a consistent and professional brand image with clear service offerings and geographic presence.

A

Abramson, Brown and Dugan Law

arbd.com

19

Abramson, Brown and Dugan is a specialized law firm based in New Hampshire focusing on medical malpractice and personal injury cases. The firm holds a strong market position in the state, recognized for winning more malpractice settlements and verdicts than any other local firm. Their website provides comprehensive information about their services, recent settlements, attorney profiles, and client testimonials, targeting individuals seeking legal representation for serious injury and malpractice claims. The business model centers on plaintiff legal services with a focus on compassionate client engagement and free consultations. Technically, the website is built on WordPress using the Enfold theme and integrates common technologies such as jQuery, Google Tag Manager, Google Analytics, and Google reCAPTCHA for form security. While the site is mobile optimized and SEO friendly, performance metrics indicate slow loading times, and accessibility features are basic. The site lacks a valid SSL certificate, resulting in no HTTPS support, which is a significant security concern. DNS records are missing or not publicly visible, which is inconsistent with the active website presence. Security posture is weak due to the absence of HTTPS, missing DNSSEC, CAA, and HSTS configurations, and lack of security headers. No privacy, cookie, or terms of service policies are found, indicating compliance gaps with GDPR and other privacy regulations. The site uses Google reCAPTCHA to protect forms but lacks a formal security or incident response policy. Overall, the site demonstrates strong business credibility and content quality but requires urgent improvements in security and privacy compliance. Strategically, the firm should prioritize obtaining and configuring a valid SSL certificate, properly configuring DNS records, and publishing comprehensive privacy and cookie policies. Enhancing security headers and implementing vulnerability disclosure mechanisms would further improve trust and compliance. These steps will reduce risk, improve user trust, and align the firm with modern security and privacy standards.

P

Pizzeria Uno Corporation

unos.com

21

Uno Pizzeria & Grill is a well-established restaurant brand known for inventing the original Chicago deep dish pizza in 1943. The website reflects a large hospitality business with a focus on dine-in, takeout, catering, and online ordering services. The brand maintains a consistent and professional online presence with good content quality and clear navigation. However, the technical infrastructure shows some weaknesses, including the absence of HTTPS, which is a critical security flaw. The site uses a variety of modern web technologies and marketing tools but suffers from slow performance and lacks a cookie consent mechanism. Security posture is basic with no valid SSL certificate, no HSTS, and no advanced security headers implemented. Privacy compliance is minimal with a basic privacy policy but no explicit cookie policy or consent. Business credibility is moderate with strong branding and social media presence but lacks explicit contact details on the main page. Overall, the website is functional and professional but requires urgent security improvements to protect user data and enhance trust.

R

Rutar GmbH & Co KG

rutar.at

40

Rutar GmbH & Co KG operates a professional and comprehensive online presence for its retail furniture business in Austria. The website showcases a wide range of furniture categories, including kitchens, living rooms, bedrooms, and garden furniture, supported by detailed product listings and brand partnerships. The company emphasizes customer service with offerings such as free 3D kitchen planning, delivery, and assembly services. Technically, the website is built on WordPress with a modern tech stack including PHP 7.4, nginx, and popular plugins like Yoast SEO and Contact Form 7. The site is well-optimized for mobile devices and includes SEO best practices. Security measures include HTTPS with TLS 1.2 and 1.3, OCSP stapling, and secure cookie flags, though improvements like enabling HSTS and additional security headers are recommended. Privacy compliance is strong, with a clear privacy policy, cookie consent mechanisms, and GDPR adherence. Overall, the site reflects a mature digital infrastructure with a solid security posture and good business credibility.

L

LexisNexis Verlag ARD Orac GmbH & Co KG

lexisnexis.at

37

LexisNexis Österreich is a leading provider of intelligent legal, tax, and business information solutions in Austria, offering a broad portfolio of products including Lexis 360®, Lexis+ AI, compliance tools, and educational seminars. The company operates under the parent company RELX plc and targets professionals such as lawyers, tax advisors, companies, and public sector entities. The website demonstrates a high level of professionalism, rich content, and strong branding consistency, positioning LexisNexis as a market leader in its sector. Technically, the website is built on WordPress with modern front-end technologies and SEO best practices, including structured data and accessibility features. However, performance is rated slow, and hosting details are not fully clear. The site integrates marketing and analytics tools such as Google Tag Manager and OneTrust for cookie consent management. From a security perspective, the website lacks a valid SSL certificate and does not support modern TLS protocols, which is a critical vulnerability impacting user trust and data protection. While some security headers like HSTS are present, the overall SSL/TLS configuration is poor. Privacy and cookie policies are comprehensive and GDPR compliant, but no explicit security or incident response policies are found. Overall, the website is credible and professional but requires urgent security improvements to enable HTTPS and strengthen its security posture. Strategic recommendations include installing a valid SSL certificate, enabling modern TLS protocols, and publishing security policies to enhance trust and compliance.

LineMetrics GmbH is a medium-sized Austrian company specializing in smart building solutions through integrated sensor systems based on LoRaWAN technology. Their platform enables real-time data collection and analysis for energy consumption, room climate monitoring, and operational efficiency improvements. The company has a strong market presence with over 400 clients and 15,000 sensors deployed, positioning itself as a reliable provider in the real estate and technology sectors. Technically, the website is built on WordPress with modern plugins and integrations such as Kadence Blocks, WP Rocket, Google Tag Manager, and Zoho CRM, reflecting a mature digital infrastructure. However, a critical security gap exists due to the absence of a valid SSL certificate and lack of HTTPS, which significantly impacts the security posture. Privacy compliance is well addressed with comprehensive policies and active consent mechanisms. Overall, while the business and content quality are excellent, urgent improvements in security configurations are recommended to enhance trust and protect user data.

Burgenland Energie is a regional energy provider based in Austria, specializing in renewable energy solutions such as photovoltaic systems, battery storage, heat pumps, and e-mobility services. The company targets private customers, municipalities, and businesses within the Burgenland region, emphasizing energy independence and sustainability. Their digital presence includes a professional website with comprehensive product information, customer portals, and active social media channels. Technically, the website is built using modern web technologies including React and Next.js, hosted on AWS infrastructure with CloudFront and S3. While the site is mobile-optimized and well-structured for SEO and accessibility, performance metrics indicate slow loading times, which could be improved. The use of Google Tag Manager and Zoho CRM scripts indicates integration with marketing and customer relationship management tools. From a security perspective, the website lacks a valid SSL certificate and does not support modern TLS protocols, which is a critical vulnerability that undermines user trust and data security. Other security best practices such as HSTS, OCSP stapling, and session resumption are also missing. Privacy compliance is well addressed with clear privacy and cookie policies and a consent mechanism in place. Overall, the website presents a trustworthy and professional business with strong content and user experience but requires urgent improvements in SSL/TLS configuration to enhance security posture and protect user data effectively.

A

accilium GmbH

accilium.com

24

accilium GmbH is a medium-sized management and strategy consultancy specializing in digital transformation within the mobility, energy, and public sectors. With over 130 consultants across multiple European offices, it holds a strong market position among the top consultancies in the German-speaking region. The company offers services including strategy and innovation, business transformation, data intelligence, and organizational consulting. The website is professionally designed, mobile-optimized, and SEO-friendly, reflecting a mature digital presence. However, the security posture is weakened by the absence of a valid SSL certificate and lack of modern TLS protocol support, which poses risks to data confidentiality and user trust. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, accilium demonstrates strong business credibility and digital maturity but requires urgent improvements in SSL/TLS security to protect its users and enhance trust.

B

ByteSource Technology Consulting GmbH

bytesource.net

40

ByteSource Technology Consulting GmbH is a medium-sized Austrian technology consulting firm specializing in cloud migration, Atlassian ecosystem services, DevOps, agile software development, and AI-driven business transformation solutions. Positioned as a leading Atlassian Platinum Solution Partner and AWS Advanced Tier Services Partner in Austria, ByteSource serves enterprises and medium to large businesses with a comprehensive portfolio of technology consulting and software development services. The company emphasizes innovation, security, and operational excellence, supported by certifications such as ISO 27001 and TISAX AL3. Technically, the website is built on modern frameworks including Next.js and is hosted on Amazon AWS infrastructure leveraging S3 and CloudFront CDN. The site integrates various marketing and analytics tools such as Google Tag Manager, Facebook Pixel, Zoho SalesIQ, and Leadforensics, reflecting a mature digital marketing strategy. However, performance metrics indicate slow loading times, and while mobile optimization and accessibility are excellent, there is room for improvement in performance. From a security perspective, the site lacks a valid SSL certificate and does not support TLS protocols, which is a critical vulnerability impacting the overall security posture. Security headers are partially implemented, but the absence of HTTPS and modern TLS protocols significantly reduces the security score. Privacy compliance is strong, with comprehensive privacy and cookie policies and consent mechanisms in place, aligning with GDPR requirements. Overall, ByteSource presents a professional and trustworthy online presence with strong business credibility and technical maturity, but the lack of HTTPS and proper SSL/TLS configuration poses a significant risk. Strategic recommendations include immediate remediation of SSL/TLS issues, enhancement of security headers, and performance optimization to improve user experience and security posture.

U

Uponor Suomi Oy

uponor.com

38

Uponor Suomi Oy is a leading international company specializing in building and infrastructure water transport solutions. The company offers a wide range of products and services including building technology, infrastructure products, project services, and customer support. It operates under the parent company Georg Fischer (GF) Group and targets professionals in construction, infrastructure planning, and homeowners. The website is well-designed, content-rich, and provides comprehensive information about products, services, and corporate policies. Technically, the site uses modern frameworks like React and Kentico CMS, with integrations for analytics and marketing tools. However, a critical security issue is the absence of a valid SSL/TLS certificate, exposing users to risks. Security headers are well implemented, but the lack of HTTPS significantly lowers the security posture. Privacy compliance is strong with clear policies and consent mechanisms. Overall, the site is professional and trustworthy but urgently needs to address its SSL/TLS configuration to ensure secure user interactions.

S

Studiokon Ventures Private Limited

skvindia.com

18

Studiokon Ventures Private Limited (SKV India) is a medium-sized, ISO-certified interior design firm specializing in commercial office interiors and turnkey solutions across India. With over 15 years of experience, SKV offers comprehensive services including design & build, general contracting, financing solutions, and office fit-outs. The company targets businesses seeking modern, functional, and inspiring workspaces, positioning itself as a leading player in the Indian office interior design market. Technically, the website is built on WordPress with a modern tech stack including PHP 7.4, NitroPack for optimization, and various marketing and analytics tools. However, the site lacks HTTPS, which is a critical security gap. The security posture is weak due to absence of SSL, HSTS, and security headers, though no immediate vulnerabilities or exposed sensitive data were found. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

I

Interenergo d.o.o.

interenergo.si

35

Interenergo d.o.o. is a medium-sized energy company based in Slovenia, operating as part of the Austrian Kelag group since 2009. The company focuses on renewable energy investments, energy efficiency solutions, power purchase agreements, and energy trading across Southeast Europe. Their website is professionally designed with clear navigation and bilingual support, targeting businesses and investors interested in green energy solutions. Technically, the site uses modern JavaScript libraries and cookie consent mechanisms but lacks a valid SSL certificate, which is a critical security gap. Security headers are partially implemented, but the absence of HTTPS significantly lowers the security posture. Contact information and privacy policies are clearly provided, supporting GDPR compliance. Overall, the website is functional and trustworthy but requires urgent improvements in SSL/TLS implementation to enhance security and user trust.

H

HOM Furniture

homfurniture.com

36

HOM Furniture is a large regional furniture retailer primarily serving the upper Midwestern United States, including Minnesota and surrounding states. The company offers a broad range of furniture, home décor, and design services both online and in physical stores. Their digital presence includes advanced features such as augmented reality visualization and room planning tools, indicating a moderate level of digital maturity. However, the website lacks a valid SSL certificate, which is a critical security shortfall that undermines user trust and data protection. While privacy policies are present, cookie consent mechanisms are missing despite the use of tracking and analytics tools. The site uses modern web technologies including MeteorJS and React, but performance data is lacking, suggesting potential optimization opportunities. Overall, the business appears legitimate and well-established, but security improvements are urgently needed to protect customer data and enhance trust.

The domain aisha.fi currently hosts a parked domain placeholder page provided by Hostinger, indicating no active business or website content. The page promotes Hostinger's hosting services and provides guidance for domain owners to set up hosting and manage nameservers. The technical infrastructure relies on Bootstrap, jQuery, Font Awesome, and Google Tag Manager, hosted on Hostinger with DNS managed by Cloudflare. However, the site lacks a valid SSL certificate and does not support HTTPS, which severely impacts security posture. No privacy, cookie, or terms of service policies are present, and no contact information or business details are provided, limiting trust and credibility. Overall, the site is non-operational as a business website and serves only as a parked domain.

C

CTP Chemisch Thermische Prozesstechnik GmbH

ctp-airpollutioncontrol.com

18

CTP Chemisch Thermische Prozesstechnik GmbH is a well-established Austrian company specializing in industrial air pollution control solutions with 40 years of experience. The company offers customized turnkey systems for air purification, VOC emission control, and hazardous pollutant removal, serving a global industrial clientele. Their website reflects a professional presence with clear business information and a focus on environmental technology. Technically, the site is built on Drupal 8 with modern web components but lacks a valid SSL certificate, which is a critical security shortfall. Privacy and cookie policies are present and GDPR compliant, and contact information is clearly provided. However, the absence of HTTPS significantly undermines the site's security posture and trustworthiness. Strategic improvements in SSL implementation and enhanced security headers are recommended to elevate the site's security and compliance standing.

P

Peschke

peschkedesign.at

31

Peschke Design GmbH is a well-established design agency based in Vienna, Austria, specializing in product design, UX/UI, app development, 3D visualization, and industrial design. With over 50 years of experience and a strong portfolio of reputable clients such as Carl Zeiss AG, ENGEL AUSTRIA GmbH, and Austrian Airlines, the company positions itself as a trusted partner for digital transformation and innovative design solutions. Their business model focuses on delivering comprehensive design and development services tailored to client needs, supported by a professional and content-rich website that targets businesses seeking high-quality design expertise. Technically, the website is built on WordPress, hosted on WP Engine, and uses Cloudflare as a CDN and proxy. It employs modern web technologies including React, jQuery, and Swiper.js, and supports multilingual content via WPML. SEO and accessibility are well addressed with Yoast SEO and adherence to WCAG guidelines. However, performance metrics are not available, though mobile optimization and navigation clarity are good. From a security perspective, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical vulnerability. No TLS protocols are enabled, and security headers are minimal. While cookies are set with secure and HttpOnly flags, the absence of HTTPS exposes users to potential interception risks. Privacy compliance is strong with GDPR-aligned policies and a cookie consent mechanism. No explicit security or incident response policies are published. Overall, the website demonstrates high professionalism and business credibility but suffers from a critical security misconfiguration regarding SSL/TLS. Addressing this would significantly improve the security posture and trustworthiness of the site.

Austro Engine GmbH is a medium-sized Austrian manufacturer specializing in innovative aircraft engines, including jet fuel piston engines and rotary engines for UAV and APU applications. As part of the Diamond Aircraft Group, it holds recognized certifications and serves a global aviation market including private owners, flight schools, and special mission operators. The website is professionally designed, content-rich, and well-branded, reflecting a strong market position in general aviation engine manufacturing. Technically, the site uses TYPO3 CMS and integrates modern marketing and analytics tools, but suffers from poor performance and lacks HTTPS, which is a critical security concern. Security headers are minimal and SSL/TLS configuration is inadequate, exposing the site to risks. Privacy compliance is well addressed with clear policies and consent management. Overall, the site demonstrates good business credibility but requires urgent security improvements to protect users and enhance trust.

C

Controller Institut s.r.o.

controlling.cz

24

Controller Institut s.r.o. is a well-established Czech education provider specializing in finance and controlling training, offering seminars, certified cycles, online courses, corporate training, and mentoring. The company targets finance professionals and controllers seeking practical and certified education. The website reflects a mature business with 30 years of market presence and a strong focus on quality content and professional services. Technically, the site uses a custom CMS with popular JavaScript libraries and marketing tools but lacks modern security measures such as HTTPS, which is a critical vulnerability. The security posture is weak due to the absence of SSL/TLS and related security headers, exposing users to risks. Privacy compliance is partial, with no active cookie consent mechanism despite tracking scripts in use. Overall, the business credibility is high, supported by consistent WHOIS data and clear contact information. Strategic improvements in security and privacy compliance are recommended to enhance trust and protect users.

L

Ligabue

ligabue.it

26

Ligabue S.p.a. is a well-established company specializing in global food service and logistics for the maritime and energy sectors. The company operates in 16 countries with a network of 200 partners and suppliers across 417 ports, providing ship supply, cargo services, industrial services, and maritime hospitality. Their website reflects a professional and comprehensive digital presence, leveraging WordPress CMS and modern frontend technologies. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security gap that undermines user trust and data protection. Privacy policies are well addressed through a reputable third-party provider, indicating good compliance with GDPR standards. Overall, the company demonstrates strong business credibility and market positioning but must urgently address its security posture to align with best practices and regulatory requirements.

Q

QuoVadis

quovadisglobal.com

34

QuoVadis, now a part of DigiCert, is a well-established international Certification Service Provider specializing in digital certificates, SSL/TLS, managed PKI, digital signature solutions, and root signing. The company holds strong accreditations such as WebTrust and ETSI and serves a broad clientele including top banks, e-commerce sites, and Fortune 500 companies primarily in Europe and Bermuda. Their business model focuses on providing high-assurance digital identity and security services with local compliance and disaster recovery capabilities. The website reflects a professional and consistent brand presence with comprehensive service offerings and multiple country offices.

Georg Fischer Ltd is a well-established Swiss enterprise specializing in manufacturing and providing flow solutions across industrial, infrastructure, and building sectors. The company operates through four main divisions offering piping systems, casting solutions, machining solutions, and building flow solutions. The website reflects a mature digital presence with comprehensive content targeting industrial clients, investors, and job seekers. Technically, the site leverages Adobe Experience Manager, integrates modern analytics and marketing tools, and provides a good user experience with mobile optimization and accessibility features. However, the security posture is weak due to the absence of a valid SSL certificate and lack of HTTPS enforcement, which is a critical issue that significantly impacts the overall security score. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Business credibility is high, supported by detailed investor relations and trust indicators. Overall, the website is professional and trustworthy but requires urgent security improvements to protect user data and maintain trust.

N

N26 SE

number26.de

40

N26 SE operates a leading mobile-first digital banking platform in Germany and Europe, offering a range of financial services including checking accounts, savings, investments, and a mobile telecom service branded as N26 SIM. The company holds a full banking license from BaFin, ensuring regulatory compliance and deposit protection up to 100,000 EUR. The website is professionally designed with excellent content quality and clear navigation, targeting consumers who prefer intuitive, app-based banking solutions. Technically, the site leverages modern web technologies such as React, Contentful CMS, and cloud hosting via AWS CloudFront, with integrated analytics and marketing tools like Datadog and Google Tag Manager. However, a critical security issue is the invalid SSL certificate and lack of modern TLS support, which undermines the security posture. Security headers and policies are well implemented, but SSL/TLS must be fixed to ensure trust and compliance. Privacy and cookie policies are comprehensive and GDPR compliant, with consent mechanisms in place. Overall, the site demonstrates strong business credibility and digital maturity but requires urgent SSL remediation to maintain security and user trust.

F

Friendly Fire Communications GmbH

friendlyfire.at

36

Friendly Fire Communications GmbH is a Vienna-based technology company specializing in advanced 3D visualizations, virtual production, and interactive digital experiences. With approximately 20 years of experience and a client portfolio of over 100 brands, they offer a broad range of services including product visualization, real-time 3D configurators, digital brand storytelling, and virtual production solutions. Their business model focuses on delivering customized digital transformation packages tailored to client needs, targeting businesses seeking innovative digital marketing and product engagement tools. Technically, the website is built on WordPress with modern plugins such as Elementor Pro, Yoast SEO, and WPML for multilingual support. The site integrates multiple analytics platforms including Google Analytics and Matomo, and employs performance optimizations via WP Rocket. Hosting is provided by World4You. The site is well-structured, mobile-optimized, and rich in multimedia content, reflecting a mature digital presence. From a security perspective, the site lacks HTTPS, which is a critical vulnerability exposing users to data interception risks. Other security best practices such as HSTS, DNSSEC, and security headers are not implemented. The site does have a comprehensive privacy policy and cookie consent mechanism, indicating good privacy compliance. Contact information is clearly provided, enhancing business credibility. Overall, while the business and website demonstrate professionalism and strong market positioning, the absence of HTTPS significantly undermines security posture and user trust. Immediate implementation of SSL/TLS is strongly recommended to mitigate this critical risk.

M

Media Magic Video Production Services

mediamagic.tv

40

Media Magic Video Production Services is a small, established business based in Southern California specializing in video production services for businesses and nonprofits since 1984. Their offerings include website videos, fundraising presentations, trade show videos, commercials, PSAs, and training programs. The website is built on Squarespace, leveraging standard web technologies and Google Analytics for tracking. However, the site lacks a valid SSL certificate, serving content over HTTP only, which significantly impacts security posture. Contact information is clearly provided, and social media presence is active across multiple platforms. Despite good content quality and professional presentation, the absence of HTTPS and privacy policies introduces compliance and trust concerns.

P

PVH Corp.

pvh.com

40

PVH Corp. is a leading global apparel company known for its iconic brands Calvin Klein and Tommy Hilfiger. The company operates in over 40 countries with a large workforce and focuses on delivering fashion and lifestyle products. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive business information targeting consumers, investors, and job seekers. Technically, the site uses modern frameworks like Vue.js and is hosted on Microsoft IIS with Akamai CDN support, but lacks a valid SSL certificate, which is a critical security gap. Security headers are properly configured, but the absence of HTTPS and modern TLS protocols significantly reduces the security posture. Privacy compliance is partially addressed with a clear privacy policy and GDPR indicators, but no cookie consent mechanism is present. Overall, the site is trustworthy and professional but requires urgent improvements in SSL/TLS implementation to enhance security and user trust.

A

Angst+Pfister

angst-pfister.com

39

Angst+Pfister is a large Swiss-based engineering and manufacturing company specializing in custom materials design and engineering solutions. With over 300 engineers and a global presence across 24 locations, the company serves diverse industries including food & beverage, pharma, automotive, and energy. Their business model focuses on B2B partnerships delivering tailored solutions from design to production and distribution. The website reflects a mature digital presence with professional design, comprehensive content, and multilingual support. However, the absence of a valid SSL/TLS certificate is a critical security gap that undermines trust and data protection. Privacy policies and cookie consent mechanisms are in place, indicating GDPR compliance. The company maintains active social media channels and an online shop partner domain, supporting their market reach and customer engagement.

Cegeka is a well-established European IT company specializing in end-to-end IT solutions, consulting, and digital transformation services. The company targets enterprise clients across multiple sectors including technology, energy, finance, telecommunications, manufacturing, and government. Their website reflects a mature digital presence with comprehensive content, professional design, and clear navigation. Technically, the site is built on HubSpot CMS, leveraging modern web technologies such as Lit and custom web components, and is hosted behind Cloudflare. However, the SSL certificate is invalid or missing, which significantly impacts the security posture. Security headers are well implemented but cannot fully compensate for the lack of proper HTTPS. Privacy and cookie policies are present and GDPR compliant, though no explicit security or incident response policies are found. Overall, the website demonstrates strong business credibility and marketing sophistication but requires urgent SSL remediation to improve security and trust.

K

Kirchliche Pädagogische Hochschule Edith Stein

kph-es.at

34

The Kirchliche Pädagogische Hochschule Edith Stein is a regional educational institution in Austria specializing in teacher training and pedagogical education. It operates across four locations in western Austria and offers a range of study programs, continuing education, and research activities. The website is professionally designed and targets prospective and current educators, social pedagogues, and related professionals. The institution is positioned as a reputable academic entity with a clear focus on education and professional development. Technically, the website is built on TYPO3 CMS and uses Apache server technology. It integrates Google Tag Manager for analytics but lacks HTTPS, which is a critical security shortfall. The absence of SSL/TLS encryption exposes users to potential data interception risks and undermines trust. Privacy compliance is partially addressed with a comprehensive privacy policy, but no cookie consent mechanism is evident. Contact information is provided primarily via a contact page and footer address, with no direct emails or phone numbers visible on the main page. Overall, the website demonstrates moderate digital maturity but requires urgent security improvements to protect user data and enhance trust.

TE Connectivity is a global enterprise specializing in the design and manufacture of connectors, sensors, and electronic components that enable innovation in data, power, signal, and sensing connectivity. With over 80 years of industry experience, TE Connectivity serves a broad range of sectors including energy, transportation, and technology. The company operates a comprehensive digital presence with a well-structured website offering extensive product information, customer engagement tools, and resources for engineers and industrial customers. Technically, the website leverages modern frameworks such as Angular, integrates with Adobe Experience Manager, and uses Akamai CDN for performance and security. However, a critical security gap exists due to the absence of a valid SSL certificate and disabled TLS protocols, which significantly undermines the site's security posture. Privacy and cookie policies are well implemented, reflecting compliance with GDPR and other regulations. Overall, TE Connectivity demonstrates strong business credibility and digital maturity but must urgently address its SSL/TLS configuration to ensure secure communications and maintain trust.

EREMA Engineering Recycling Maschinen und Anlagen Ges.m.b.H. is a leading Austrian manufacturer specializing in plastic recycling machinery and systems. Founded in 1983, the company has established itself as a global market leader with over 7000 systems deployed worldwide, producing millions of tons of recycled granulate annually. Their business model focuses on manufacturing innovative recycling machines, providing customer testing centers, and offering digital solutions to optimize recycling processes. The website reflects a professional and comprehensive digital presence targeting industrial clients and businesses in the recycling sector. Technically, the website employs modern frontend technologies including Bootstrap, jQuery, GSAP, and various UI libraries, hosted likely via A1 Telekom Austria infrastructure. However, the site lacks a valid SSL certificate and HTTPS support, which is a critical security shortfall. Performance data is missing, and while mobile optimization and SEO are good, accessibility is basic. Privacy and cookie policies are well implemented with consent mechanisms, indicating good GDPR compliance. From a security perspective, the absence of HTTPS and modern TLS protocols severely impacts the site's security posture, exposing users to potential risks. Other security headers and best practices are missing, and no incident response or vulnerability disclosure information is provided. The domain registration details align well with the company's claims, supporting legitimacy. Overall, while the business and content quality are excellent, the critical lack of HTTPS and SSL significantly lowers the security score and overall trustworthiness. Strategic improvements in security infrastructure are essential to protect users and maintain the company's reputable market position.

Kellanova is a global leader in the food manufacturing sector, specializing in snacking, cereals, noodles, and plant-based foods with a strong portfolio of iconic brands. The company targets consumers worldwide, investors, and potential employees, operating at an enterprise scale with a mature domain presence of over 22 years. The website reflects a professional and consistent brand image with comprehensive content and clear navigation. Technically, the site leverages modern frameworks such as Bootstrap and Adobe Experience Manager, supported by Akamai CDN and integrated with marketing and privacy tools like Google Tag Manager and OneTrust. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, resulting in no HTTPS support, which significantly impacts the security posture and user trust. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. The WHOIS data confirms strong domain registration practices and legitimacy. Overall, while the business and content aspects are strong, the lack of HTTPS is a major risk that should be remediated promptly.

H

Hill Woltron Management Partner GmbH

hill-woltron.com

25

Hill Woltron Management Partner GmbH is a well-established HR consulting and personnel placement firm operating primarily in Austria and Germany. With over 50 years of experience as an owner-managed family business, it offers a broad range of HR services including recruiting, personnel development, management audits, and employee surveys. The company targets both corporate clients and job candidates, leveraging a strong network and professional expertise to connect people with career opportunities. The website reflects a professional and consistent brand image with comprehensive content and clear navigation. Technically, the website is built on WordPress using Elementor as the page builder, supported by LiteSpeed Cache for performance optimization. It integrates Google Analytics and Google Tag Manager for analytics and marketing purposes. However, the website lacks HTTPS, which is a critical security shortfall. The site is mobile-optimized and SEO-friendly but suffers from slow performance due to missing SSL and possibly other optimizations. From a security perspective, the absence of a valid SSL certificate and HTTPS support significantly undermines the site's security posture. While no other major vulnerabilities or exposed sensitive data were detected, the lack of HTTPS exposes users to risks such as data interception. The site includes a GDPR-compliant privacy and cookie policy with a consent mechanism, but no explicit security policy or incident response information is available. Overall, Hill Woltron presents a credible and professional business with strong market positioning in HR services. The primary risk is the missing HTTPS, which should be addressed urgently to protect user data and improve trust. Strategic recommendations include implementing SSL/TLS, enhancing security headers, and publishing security and incident response policies to strengthen compliance and user confidence.

Magenta.at is the official website of T-Mobile Austria GmbH, a leading telecommunications provider in Austria offering mobile, internet, TV, and bundled services for both consumers and business customers. The website is professionally designed with rich content, clear navigation, and strong branding consistency. It targets a broad audience including private and business users, providing detailed product offerings and customer support resources. Technically, the site is built on Adobe Experience Manager with modern web technologies including AngularJS and jQuery, and integrates marketing and analytics tools such as Google Tag Manager and Usercentrics CMP. However, the website suffers from a critical security issue: the SSL certificate is invalid and no TLS protocols are enabled, severely impacting the security posture. Security headers are partially implemented, but improvements are needed to ensure secure communications. Privacy and cookie policies are present and GDPR compliant, with consent mechanisms in place. Contact information is available primarily via phone and web forms, but no direct company emails are published. Overall, the site is trustworthy and legitimate, with WHOIS data consistent with the company identity. Strategic security improvements are recommended to restore full HTTPS security and enhance user trust.

S

Steuerexperten Wien | Österreich

steuerexperten.at

40

Steuerexperten.at is a well-established Austrian tax consultancy and business advisory firm based in Vienna, offering a broad range of services including tax consulting, accounting, business immigration, and corporate services. The company targets both Austrian and international clients, leveraging a digital platform (steuerexperten.PRO) to enhance client engagement and document management. The website is professionally designed, multilingual, and rich in relevant content, reflecting a mature digital presence. Technically, the site is built on WordPress with modern plugins and frameworks, but suffers from a critical lack of valid SSL/TLS certification, exposing users to security risks. Privacy compliance is strong, with GDPR-aligned policies and cookie consent mechanisms in place. Contact information and trust signals such as certifications and testimonials are clearly presented, supporting business credibility. Overall, the site is functional and professional but requires urgent security improvements to protect client data and enhance trust.