Security Directory

X

x.test GmbH

xtest.at

22

x.test GmbH is a specialized company in electronic measurement technology based in Austria, founded in 2010. The company offers a range of products and consulting services focused on electronic measurement, emphasizing quality and customer trust. The website is built on WordPress with modern plugins and frameworks, providing a professional and user-friendly experience. However, the absence of an SSL certificate and HTTPS significantly impacts the security posture, exposing users to potential risks. The site implements GDPR-compliant cookie consent mechanisms and provides clear privacy and terms of service pages, reflecting good privacy compliance. Overall, the business appears legitimate and well-positioned in its niche, but security improvements are critical.

S

Sepura Limited

sepura.com

40

Sepura Limited is a UK-based company specializing in the design, development, and supply of TETRA and LTE digital radio products and applications for business and mission-critical communications. The company holds a strong market position as a leading provider of TETRA radios with a legacy spanning over 125 years. Their solutions target public safety, energy, transportation, and commercial sectors globally, supported by a large partner network and extensive R&D efforts. Technically, the website is built on WordPress with modern plugins and marketing tools, demonstrating good digital maturity and SEO practices. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, exposing users to potential risks. Privacy and cookie policies are comprehensive and GDPR compliant, with clear contact information and trust indicators such as certifications and customer testimonials. Overall, the website is professional and trustworthy but requires urgent security improvements to protect user data and enhance trust.

A

AEROCOMPACT Europe GmbH

aerocompact.com

23

AEROCOMPACT Europe GmbH operates as a global provider of photovoltaic mounting solutions, specializing in intelligent solar racking systems for roofs and open spaces. The company positions itself as a dynamic pioneer in the energy transition sector, offering both physical products and digital planning tools such as the Aerotool platform. Their market presence is supported by multiple global offices and a comprehensive service portfolio targeting solar engineers, project developers, and wholesalers. Technically, the website is built on TYPO3 CMS and employs modern web technologies including Google Tag Manager, Swiper.js, and Globe.gl for interactive features. While the site is content-rich and well-structured with good SEO practices, performance metrics indicate slow loading times, and accessibility features are basic. Mobile optimization is good, ensuring usability across devices. From a security perspective, the site lacks a valid SSL certificate and does not properly support HTTPS, which is a critical vulnerability. Security headers are minimal, and modern TLS protocols are not enabled. Despite these issues, the site uses secure cookies and has implemented privacy and cookie policies compliant with GDPR. Analytics and marketing tools are in use, with moderate user tracking. Overall, the website demonstrates strong business credibility and content quality but suffers from significant security shortcomings that must be addressed to protect user data and maintain trust. Strategic improvements in SSL/TLS configuration and security headers are recommended to elevate the security posture and compliance level.

O

Okto Community TV

okto.tv

36

Okto.tv is a community television platform based in Austria, focused on providing a space for media creators to develop and share their content. The website offers video streaming, live TV, workshops, and community engagement features. It targets local and cultural content creators and viewers, operating as a niche media broadcaster with a small organizational size and a mature domain age of 19 years. Technically, the site uses modern JavaScript libraries, Google Tag Manager, and Usercentrics CMP for cookie consent, but lacks a valid SSL certificate and proper HTTPS configuration, which is a critical security gap. The security posture is weak due to missing TLS protocols, HSTS, and other security headers. Privacy compliance is good with clear policies and consent mechanisms. The site lacks explicit contact information and incident response details, which impacts business credibility. Overall, the site is functional and content-rich but requires urgent security improvements to protect user data and enhance trust.

A

AFI Solutions GmbH

afi-solutions.com

33

AFI Solutions GmbH is a medium-sized German technology company specializing in SAP-integrated software solutions for automated document processing. As part of the SER Group, it holds a strong market position with over 800 customers worldwide and offers certified SAP Add-Ons that enhance Purchase-to-Pay and Order-to-Cash processes using advanced technologies like AI and RPA. The company provides full-service offerings including consulting, implementation, training, and support. Technically, the website is built on TYPO3 CMS and employs modern analytics and consent management tools, but lacks HTTPS, which is a critical security shortfall. The absence of SSL/TLS encryption exposes users to risks and undermines trust. Privacy compliance is well addressed with comprehensive policies and cookie consent mechanisms. Overall, the website is professionally designed with clear navigation and strong branding, but the lack of HTTPS significantly impacts its security posture and overall trustworthiness.

K

Klippa App B.V.

klippa.com

59

Klippa App B.V. is a Dutch technology company specializing in AI-driven document automation solutions that help businesses reduce operational costs, save time, and prevent fraud. Their market position is strong, serving over 1000 brands with products like DocHorizon and SpendControl, targeting finance professionals and enterprises across various sectors including banking, logistics, and public services. The company leverages modern web technologies and cloud infrastructure (Microsoft Azure) to deliver scalable and efficient services. Security practices are generally good with HTTPS and Cloudflare protection, but improvements in SSL/TLS configuration are recommended. The website demonstrates strong compliance with data protection regulations and holds relevant certifications such as ISO 27001 and ISO 9001. Overall, Klippa presents a professional, trustworthy, and technically mature digital presence.

A

Alkwin Kollege

alkwin.nl

32

Alkwin Kollege is a medium-sized secondary education institution located in Uithoorn, Netherlands, providing havo, atheneum, and gymnasium level education. The school emphasizes a safe and engaging learning environment and targets students and parents in the local region. The website is built on WordPress, uses Cloudflare for CDN and caching, and integrates Google Tag Manager for analytics. While the site has good content quality, SEO optimization, and mobile responsiveness, it lacks a valid SSL certificate and proper HTTPS configuration, which significantly impacts its security posture. No explicit privacy or cookie policies are found, indicating gaps in privacy compliance. Contact information and social media presence are clearly provided, enhancing business credibility. Overall, the site is functional and professional but requires urgent security improvements to protect user data and comply with modern web standards.

A

Art Build

artbuild.eu

40

Art Build is a medium-sized architecture studio operating primarily in Belgium, France, and Luxembourg, with a focus on innovative and collective intelligence-driven architectural solutions. The company maintains a professional and content-rich website that effectively communicates its services, projects, and thought leadership through sections like Work, Lab, and Talk. The technical infrastructure leverages modern web technologies including Craft CMS, JavaScript frameworks, and integrates third-party services such as Google Analytics and Stripe for analytics and payments. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap that undermines user trust and data protection. Security headers are well configured, but the lack of TLS protocols and HSTS reduces the overall security posture. Privacy compliance is strong, with clear cookie and privacy policies and consent mechanisms in place. Contact information is transparent and consistent with the business location. Strategic recommendations include immediate SSL implementation, enabling modern TLS protocols, and enhancing security practices to align with industry standards.

BBI International operates as a specialized media and events company serving the biofuels, biomass, biodiesel, ethanol, carbon capture, sustainable fuels, and unmanned aircraft systems industries. The company publishes multiple niche magazines and organizes several well-established conferences and expos, positioning itself as a key information and networking hub within these sectors. The website content reflects a focused business model targeting industry professionals and companies seeking news, education, and event participation. Technically, the website runs on a Microsoft IIS server using ASP.NET with legacy jQuery scripts and integrates Google Analytics and Tag Manager for tracking. However, the site lacks HTTPS, exposing visitors to security risks and undermining trust. Security posture is weak with no SSL certificate, no advanced security headers, and no cookie consent mechanisms, indicating compliance gaps especially regarding GDPR. The WHOIS data aligns well with the business profile, confirming legitimacy and consistent registration details. Overall, the site provides relevant content but requires significant security and privacy improvements to meet modern standards.

S

Simone Buratto

simoneburatto.it

37

Simone Buratto is a small Italian company specializing in outdoor solar shading solutions and related products such as pergolas, outdoor furniture, and complements. The business operates primarily in Piemonte, Italy, targeting private customers, commercial hospitality businesses, architects, and construction firms. The website is built on WordPress with Elementor and Yoast SEO, showing a moderate level of digital maturity. However, the site lacks a valid SSL certificate and HTTPS support, which is a critical security vulnerability. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism via iubenda. Contact information is clearly provided, enhancing business credibility. Overall, the website is professional and content-rich but requires urgent security improvements to protect user data and build trust.

S

Società Dante Alighieri

ladante.it

25

Società Dante Alighieri operates a comprehensive digital platform, Dante Global, focused on promoting Italian language education and culture worldwide. The organization offers a variety of services including language courses, teacher training, certification via PLIDA, and cultural events. The website is professionally designed with a modern Angular framework and integrates multiple third-party services such as Snipcart for e-commerce and HubSpot for marketing and forms. Despite the rich content and strong business credibility, the website currently lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security concern. Privacy and cookie policies are well implemented and GDPR compliant, with clear contact information and active social media presence enhancing trust. The domain registration data aligns well with the organization's identity, supporting legitimacy. Strategic improvements in SSL/TLS deployment and HTTP security headers are recommended to enhance security posture and user trust.

C

Calderys

calderys.com

40

Calderys is a globally recognized enterprise specializing in refractory products and thermal protection solutions for industries operating under high temperature conditions, primarily serving the energy and manufacturing sectors. The company offers a comprehensive range of products and services including steel casting enhancement, metallurgical fluxes, and refractory services, supported by a broad international network of offices and experts. The website reflects a mature business with a strong market position and a recent strategic alliance with HarbisonWalker International, enhancing its footprint in the refractory industry. Technically, the website is built on Drupal 10 and incorporates modern front-end libraries and tools such as Google Tag Manager and Slick Carousel. While the site is mobile-optimized and SEO-friendly with good content quality and navigation, performance metrics indicate slow loading times. Accessibility is basic but present. The hosting is provided by Vox Teneo Web Engine. From a security perspective, the site lacks a valid SSL certificate and does not support any TLS protocols, which is a critical vulnerability exposing users to risks and undermining trust. Although some security headers like Content Security Policy and X-Frame-Options are implemented, the absence of HTTPS and HSTS significantly lowers the security posture. Privacy compliance is well addressed with GDPR-compliant cookie consent mechanisms and clear privacy policies. Business credibility is high with detailed contact information, social media presence, and consistent branding. Overall, the website is professionally designed and content-rich but suffers from critical security shortcomings that must be addressed urgently to protect user data and maintain trust. Strategic recommendations include immediate SSL/TLS deployment, enabling modern security protocols, and enhancing security headers and incident response capabilities.

Austria Trend Hotels is a well-established hospitality company operating multiple hotels across Austria and Slovenia, targeting both leisure and business travelers. The website provides comprehensive hotel listings, booking capabilities, and event services, supported by a modern technical infrastructure including Pimcore CMS and various tracking and marketing tools. However, the lack of a valid SSL certificate is a critical security weakness that undermines user trust and data protection. Privacy and cookie policies are well implemented with consent mechanisms, and contact information is clearly presented. Overall, the site demonstrates strong business credibility and user experience but requires urgent security improvements.

S

Strolz GmbH

strolz.at

40

Strolz GmbH is a well-established Austrian retail and rental company specializing in alpine sports equipment and fashion, with a history dating back to 1921. The company operates a multi-floor flagship store in Lech am Arlberg and offers a wide range of services including ski and snowboard rental, fitting, and bike rental. Their market position is that of a premium, exclusive provider catering to winter sports enthusiasts and fashion-conscious customers. Technically, the website employs modern JavaScript frameworks such as Vue.js, integrates with Google Analytics and Tag Manager, and uses a Magnolia CMS. However, a critical security gap exists due to the absence of a valid SSL certificate, exposing users to potential risks. Privacy and cookie policies are well implemented with consent mechanisms, reflecting good GDPR compliance. Overall, the business demonstrates strong credibility and professionalism but must address its SSL/TLS configuration urgently to improve security posture and user trust.

CME Group Inc. operates as a leading global derivatives marketplace, offering a diverse range of futures and options products for risk management across multiple asset classes including agriculture, energy, equity indices, FX, interest rates, and metals. The company serves a broad audience of traders, investors, and financial institutions, providing comprehensive market data, clearing services, and technology solutions. The website reflects a mature, enterprise-level organization with consistent branding and high-quality content tailored to its professional audience. Technically, the website leverages modern technologies such as React, jQuery, and Adobe Experience Manager, hosted via Akamai CDN, and integrates various marketing and analytics tools including Google Tag Manager, Evergage, and OneTrust for cookie consent. The site is well-optimized for mobile and accessibility, with good SEO practices evident in meta tags and structured data. From a security perspective, while the site employs important security headers and cookie protections, the SSL/TLS configuration appears incomplete or misreported in the provided data, lacking valid certificates and modern protocol support. This represents a significant security concern that should be addressed promptly to ensure secure communications and user trust. Overall, CME Group's website is professional, content-rich, and business credible, but requires immediate attention to its SSL/TLS implementation to align with best security practices and maintain its high trustworthiness in the financial sector.

G

Gesundheitscampus Wesel

mehrdrinalserwartet.de

29

Gesundheitscampus Wesel is a large healthcare organization based in Germany, providing a broad range of medical, nursing, and therapeutic services through an integrated campus model. The website reflects a professional and consistent brand focused on healthcare professionals and patients, emphasizing family-friendly work culture and digital transformation. Technically, the site is built on TYPO3 CMS with modern front-end frameworks and includes social media and analytics integrations. However, the absence of a valid SSL certificate and HTTPS severely impacts the security posture, exposing users to risks. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and privacy policy. Overall, the site is functional and professional but requires urgent security improvements to protect user data and trust.

K

Kammer für Arbeiter und Angestellte für Wien

akwien.at

40

The website akwien.at represents the Kammer für Arbeiter und Angestellte für Wien, a government-related non-profit organization advocating for workers' rights and social services in Vienna, Austria. The site offers comprehensive information and services including legal advice, consumer protection, educational resources, and digitalization funding. It targets employees and workers in Vienna, providing a rich content experience with clear navigation and strong branding. Technically, the site is built on a Gentics Portal CMS with a modern tech stack including jQuery, Bootstrap, Matomo Analytics, and Usercentrics for consent management. Hosting is provided by Anexia. While the site is mobile optimized and accessible, performance metrics indicate slow loading, and the SSL/TLS configuration is currently invalid, which is a critical security concern. Security posture is moderate with several security headers implemented, but the lack of a valid SSL certificate and disabled TLS protocols significantly reduce the security score. Privacy compliance is good, with a clear privacy policy and cookie consent mechanism in place. Business credibility is high due to consistent branding, official contact information, and alignment with WHOIS data. Overall, the site is a professional and trustworthy resource for workers in Vienna but requires urgent improvements in SSL/TLS configuration and performance optimization to enhance security and user experience.

Lohmann & Rauscher USA Inc. is a prominent international supplier specializing in medical devices and hygiene products, targeting healthcare professionals and patients. The company offers a broad portfolio including compression therapy, wound care, casting materials, and educational items. Their market position is strong, supported by recent acquisitions such as Unisurge International Ltd. and the teledermatology startup OnlineDoctor, indicating active growth and innovation. The website is professionally designed with comprehensive content and clear navigation, reflecting a mature digital presence. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and frameworks, but performance data is lacking and the site is currently not secured with HTTPS, which is a critical security gap. Security posture is weak due to the absence of a valid SSL certificate and lack of advanced security headers or policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Business credibility is high given the detailed contact information, structured data, and active corporate communications. Overall, the site requires urgent security improvements to protect user data and enhance trust.

O

Otago Online Consulting GmbH

contentcook.at

26

Otago Online Consulting GmbH is a well-established Austrian online marketing agency specializing in SEO, SEA, social media marketing, display and video advertising, and data analytics. The company has a strong market position with a clear growth strategy including acquisitions such as Content Cook. Technically, the website is built on WordPress with modern marketing and analytics tools integrated, but lacks a valid SSL certificate, which is a critical security gap. The security posture is basic with no advanced headers or incident response information published. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the website is professional and trustworthy but urgently needs to implement HTTPS to improve security and trust.

H

HAAI GmbH

haai.at

40

HAAI GmbH is a medium-sized Austrian company specializing in providing innovative hardware, software, and IT services primarily targeting enterprises and small to medium businesses. The company positions itself as a trusted partner with exclusive partnerships with major technology brands such as A1, Apple, Microsoft, and Samsung, offering comprehensive device management and telecommunications solutions. Their business model focuses on B2B services including Device as a Service (DaaS), logistics, and IT security solutions. Technically, the website is built on WordPress with modern plugins and uses Cloudflare for CDN and security. However, a critical security gap exists due to the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the security posture. The site implements GDPR-compliant cookie consent via Usercentrics and uses Google Tag Manager for analytics, reflecting a moderate level of privacy compliance. Overall, the website is professionally designed with good content quality and clear navigation, but the lack of HTTPS is a major risk that should be addressed promptly.

F

FinTech Connector

fintechconnector.com

40

FinTech Connector is a US-based fintech community platform that connects financial services professionals, organizations, and fintech entrepreneurs globally to collaborate and innovate in financial services. The platform offers matchmaking, collaboration marketplaces, funding portals, and hosts fintech events to foster innovation and impact. The website is professionally designed and hosted on Squarespace, leveraging modern web technologies and social media integration to engage its target audience effectively. However, the site lacks a valid SSL certificate and proper HTTPS configuration, which is a critical security vulnerability. Privacy and cookie policies are present but lack a full consent mechanism, indicating partial privacy compliance. Contact information is clearly provided, enhancing business credibility. Overall, the site is functional and content-rich but requires urgent security improvements to protect user data and trust.

N

N-SIDE

n-side.com

38

N-SIDE is a specialized deeptech company focusing on providing optimization and analytics solutions for the life sciences and energy sectors. Their offerings include software and professional services aimed at improving pharmaceutical manufacturing efficiency, clinical trial management, and energy forecasting and power matching for market participants. The website reflects a professional digital presence built on HubSpot CMS, leveraging modern web technologies and marketing tools such as Google Tag Manager. However, the security posture is weak due to the absence of a valid SSL certificate and proper HTTPS configuration, which poses a significant risk to user trust and data security. Privacy compliance is minimal, with no visible privacy or cookie policies, and no explicit contact information is provided on the homepage. Overall, the site demonstrates moderate business credibility and technical maturity but requires urgent improvements in security and privacy compliance to meet industry standards.

din – Dietmar Nocker Sicherheitstechnik GmbH & Co KG is a medium-sized Austrian company specializing in emergency lighting solutions with over 40 years of industry experience. The company offers a comprehensive portfolio including product development, systems, and service support, targeting businesses requiring compliant emergency lighting. Their market position is strong in Austria and neighboring countries, supported by multiple locations and a professional online presence. Technically, the website is built on WordPress with multilingual support and privacy-conscious analytics via Matomo. However, the lack of a valid SSL certificate and HTTPS implementation is a critical security shortfall, exposing users to risks and undermining trust. The company demonstrates good privacy compliance with detailed cookie consent mechanisms and GDPR-aligned policies. Overall, the business is credible and professional but must urgently address its security posture to protect users and maintain trust.

LiSEC is a well-established Austrian manufacturer specializing in flat glass processing machinery and related software solutions. With over six decades of experience and a strong global export presence, LiSEC positions itself as a technology leader in the manufacturing sector, offering robust, innovative, and high-quality products. The company supports its customers with comprehensive after-sales services, training, and digital tools, emphasizing long-term partnerships and trust. Technically, the website is built on the TYPO3 CMS platform, hosted behind Amazon CloudFront CDN, and integrates marketing and analytics tools such as HubSpot and Google Tag Manager. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts the site's security posture. Privacy and cookie policies are present and appear GDPR compliant, supporting responsible data handling practices. Overall, the website demonstrates strong business credibility and professional presentation but requires urgent security improvements to protect user data and maintain trust.

Eckes-Granini Group GmbH is a leading European manufacturer and provider of fruit juices and fruit-based beverages, operating as a family-owned business with a strong market position in Europe. The company emphasizes product quality, sustainability, and innovation in its offerings. The website reflects a professional digital presence with clear branding and comprehensive business information, targeting European consumers interested in healthy fruit beverages. Technically, the site uses modern frameworks such as Astro and a headless CMS (Storyblok), hosted on Microsoft Azure, with integration of Google Tag Manager for analytics and marketing. However, the website lacks a valid SSL certificate and proper HTTPS configuration, which is a critical security vulnerability. Security headers are partially implemented but some important protections like X-XSS-Protection are disabled. Privacy and legal compliance are well addressed with dedicated pages and a cookie consent mechanism. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

Hoval Österreich operates as a leading provider of technologically advanced heating and climate control solutions in Austria, targeting both residential and commercial sectors. Their product portfolio includes heating systems for heat pumps, oil, gas, biomass, and solar, complemented by climate technology solutions for heating, cooling, and ventilation. The company maintains a strong market position supported by a comprehensive website that offers detailed product information, customer references, and service options including customer support and online ordering via myHoval. Technically, the website is built on the SAP Commerce (Hybris) platform, integrating modern marketing and analytics tools such as Google Tag Manager, Google Analytics, and OneTrust for cookie consent management. However, performance is moderate with slow DNS resolution and no page size or load time data available. Mobile optimization and SEO are well addressed, but accessibility is basic. From a security perspective, the site lacks a valid SSL certificate and does not support modern TLS protocols, significantly weakening its security posture. While security headers like HSTS, X-Frame-Options, and XSS protection are present, the absence of a valid certificate and weak SSL/TLS configuration are critical issues. Privacy compliance is strong with clear privacy and cookie policies and GDPR adherence. Contact information is available but lacks explicit security policy or incident response details. Overall, the website is professional and trustworthy from a business and content perspective but requires urgent improvements in SSL/TLS configuration to enhance security and user trust. Strategic recommendations include fixing the SSL certificate, enabling modern TLS versions, and tightening CORS policies.

K

Kröswang GmbH

kroeswang.at

24

Kröswang GmbH operates as a leading Austrian wholesale supplier specializing in fresh and frozen food products for the gastronomy and retail sectors. The company maintains a strong market presence with multiple locations and a comprehensive online shop targeting business customers primarily in Austria and Germany. Their business model focuses on B2B supply with emphasis on freshness and quality, supported by a broad product range and reliable 24-hour delivery service. Technically, the website is built on TYPO3 CMS with modern marketing and analytics integrations, including Google Tag Manager and Hotjar, providing a solid digital infrastructure. However, the absence of a valid SSL/TLS certificate and lack of HTTPS severely undermines the security posture, exposing users and business operations to significant risks. While privacy and cookie policies are well implemented and GDPR compliant, the lack of published security policies and incident response mechanisms indicates room for improvement in governance. Overall, the site is professional and content-rich but requires urgent security upgrades to protect business and customer data effectively.

Pension Gatterhof is a small hospitality business located in Riezlern, Kleinwalsertal, Austria, offering holiday apartments and rooms with breakfast and hotel services. The website is built on TYPO3 CMS with a modern responsive design and includes online booking capabilities and social media integration. However, the site lacks a valid SSL certificate, exposing visitors to security risks and reducing trust. Privacy and cookie policies are present but basic, and no explicit security or incident response policies are found. The domain registration is consistent with the business claims and shows a stable history since 2008. Overall, the website provides a good user experience but requires significant security improvements to protect users and enhance credibility.

A

AutomationX GmbH

automationx.com

30

AutomationX GmbH is a mature, medium-sized Austrian company specializing in automation solutions for manufacturing, food, construction, and infrastructure sectors. Their business model focuses on consulting, system integration, service, and development of automation software and hardware, targeting industrial clients. The website reflects a professional and consistent brand presence with clear service offerings and international project experience. Technically, the site is built on the Contao CMS with Apache server hosting by graz4u.at, using common web technologies like jQuery and Google Tag Manager. However, the site lacks a valid SSL certificate and modern TLS support, which significantly impacts security posture. Cookie consent mechanisms and privacy policies are present but basic. Overall, the site is functional but requires critical security improvements to meet modern standards.

B

BDO

bdo.com.qa

40

BDO Qatar operates as part of the global BDO network, providing professional audit, advisory, tax, and business outsourcing services. The firm targets businesses in Qatar and internationally, emphasizing exceptional client service and global connectivity. The website reflects a professional services firm with a consistent brand and good content quality. Technically, the site uses modern frameworks including React and Kentico CMS, hosted on Microsoft Azure, but suffers from slow performance and lacks a valid SSL certificate, which is a critical security concern. Security headers are partially implemented, but the absence of HTTPS and TLS protocols severely impacts the security posture. Privacy and cookie policies exist but are basic, with a consent mechanism in place. Contact information is primarily via contact forms and social media, with no direct emails or phone numbers disclosed. Overall, the site is functional and professional but requires urgent security improvements to protect user data and build trust.

H

Hotel Elisabeth

hotel-elisabeth-tirol.com

28

Hotel Elisabeth is a well-established family hotel located in Kirchberg, Tyrol, Austria, offering a blend of traditional hospitality and modern amenities including wellness spa, outdoor activities, and event hosting. The website reflects a strong market position targeting families and multi-generational guests seeking a premium alpine experience. Technically, the site is built on TYPO3 CMS with integrations for marketing and consent management, but suffers from critical security shortcomings due to the absence of a valid SSL certificate and disabled TLS protocols. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the site is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

P

Pan American Energy S.L., sucursal Argentina

pan-energy.com

35

Pan American Energy (PAE) is a leading integrated private energy company operating primarily in Argentina and the Latin American region. The company focuses on upstream oil and gas operations, downstream refining and distribution, and renewable energy projects. It positions itself as a major producer, employer, and investor in the energy sector of Argentina, with presence in neighboring countries. The website reflects a corporate and professional image with clear navigation and multilingual support, targeting investors, suppliers, and job seekers. Technically, the site is built on Microsoft SharePoint and ASP.NET technologies, leveraging modern JavaScript libraries and frameworks for UI and analytics integration. However, the absence of HTTPS and SSL certificates is a critical security flaw, exposing users to potential risks. Security headers are partially implemented, but key protections like HSTS and TLS protocols are missing. Privacy compliance is weak, with no visible cookie consent or GDPR indicators. Overall, the site demonstrates moderate digital maturity but requires urgent security improvements to protect user data and enhance trust.

KiwiSecurity.com is a website representing Genetec's KiwiVision unified video analytics solution, targeting enterprise customers requiring advanced video management and analytics. The site is primarily JavaScript-driven with minimal visible content in the raw HTML, indicating a modern single-page application architecture. The technical infrastructure leverages Cloudflare CDN for hosting and caching, integrates multiple third-party analytics and marketing tools such as Google Analytics, Microsoft Clarity, OneTrust for cookie consent, and Visual Website Optimizer for A/B testing. However, the site lacks a valid SSL certificate and does not enable any TLS protocols, which is a critical security vulnerability that undermines user trust and data protection. Additionally, no privacy policy, terms of service, or contact information is directly accessible in the provided HTML content, limiting transparency and compliance with privacy regulations. Overall, the website demonstrates moderate technical maturity but requires urgent improvements in security and compliance to meet industry standards.

New City Press Bookstore, operated under Focolare Media, is an online platform specializing in academic and spiritual books aimed at promoting unity and spirituality. The website offers a range of products including books, magazines, podcasts, and other resources, targeting readers interested in Christian living and spirituality. The business model is primarily e-commerce with additional subscription and donation services, positioning itself as a niche media and publishing entity within the non-profit sector. Technically, the website is built on Drupal 10 and hosted on Pantheon, leveraging modern web technologies and caching mechanisms. While the site demonstrates good mobile optimization, accessibility, and SEO practices, its performance is currently slow, and it lacks a valid SSL certificate, which critically impacts security and user trust. From a security perspective, the site has implemented some security headers but fails to provide HTTPS, lacks modern TLS protocols, and does not have a cookie consent mechanism despite using tracking tools like Google Tag Manager. These gaps expose the site to potential risks and reduce its compliance with privacy regulations such as GDPR. Overall, the website is functional and professionally presented but requires urgent improvements in SSL/TLS configuration and privacy compliance to enhance security posture and user trust. Strategic recommendations include obtaining a valid SSL certificate, enabling HTTPS, implementing cookie consent, and enhancing security headers and incident response capabilities.

G

GVO Personal GmbH

gvo-personal.de

22

GVO Personal GmbH operates as a personnel service provider specializing in staffing and job placement within the hospitality sector, including gastronomy, hotellerie, aviation, and event services. The company maintains a strong regional presence with approximately 50 locations across Germany and Austria, targeting both job seekers and corporate clients. Their business model focuses on flexible employment solutions such as temporary staffing and personnel leasing, supported by a professional and content-rich website that effectively communicates their offerings and brand identity. Technically, the website is built on Drupal 8 and incorporates modern front-end libraries such as Swiper.js and Font Awesome, alongside Google Tag Manager and Klaro for consent management. However, the site lacks a valid SSL certificate and does not support any TLS protocols, which is a critical security deficiency. Performance metrics are not available, but the site demonstrates good mobile optimization and SEO practices. From a security perspective, the absence of HTTPS and TLS protocols significantly undermines the site's security posture, exposing users to potential risks. While some security headers like Content-Security-Policy and X-Content-Type-Options are present, the lack of HSTS, OCSP stapling, and session resumption further weakens defenses. Privacy compliance is well addressed with comprehensive policies and a consent mechanism, reflecting GDPR adherence. Overall, the site presents a professional business front with good content and privacy practices but suffers from critical security shortcomings that must be addressed urgently to protect user data and maintain trust. Strategic improvements in SSL/TLS implementation and enhanced security configurations are recommended to elevate the site's security maturity and compliance standing.

Xylem Inc. is a leading enterprise specializing in innovative water solutions and water technology, serving diverse sectors including energy, municipal water, healthcare, and manufacturing. The company offers a broad portfolio of products and services such as water and wastewater treatment systems, pumps, digital water solutions, and parts and supplies. Their market position is strong with a global footprint and multiple subsidiary brands. The website reflects a professional and comprehensive digital presence with excellent content quality and consistent branding. Technically, the site uses modern JavaScript frameworks, Google Tag Manager for analytics, and is hosted behind Cloudflare, but lacks a valid SSL certificate, which significantly impacts its security posture. Security headers are present but the absence of HTTPS and related SSL/TLS features lowers the overall security score. Privacy policies and terms of service are well documented, though no explicit cookie consent mechanism was detected. Contact information is primarily via contact forms with no direct emails or phone numbers found. Overall, the site is trustworthy and professional but requires urgent improvements in SSL/TLS implementation to enhance security and user trust.

S

SK STURM SALES & COMMUNICATION GMBH

sksturm.at

35

SK Sturm Graz is a well-established Austrian football club with a strong digital presence through its official website. The site offers comprehensive information about the club, including news, match schedules, team rosters, membership options, and an online shop. The business model revolves around sports entertainment, fan engagement, and commercial activities such as merchandise sales and sponsorships. The website demonstrates a high level of content quality and professional design, targeting football fans and stakeholders. Technically, the site uses modern frameworks like Vue.js and is built on Craft CMS, but lacks HTTPS, which is a critical security flaw. The absence of SSL/TLS significantly impacts the security posture, despite the presence of privacy and cookie policies that comply with GDPR. Overall, the site is functional and credible but requires urgent security improvements to protect user data and enhance trust.

T

TENTE International GmbH

tente.com

34

TENTE International GmbH is a well-established manufacturer of high-quality castors and wheels, with a history spanning over 100 years. The company serves a broad range of industries including automotive, healthcare, logistics, and retail, offering both standard and custom mobility solutions. Their global presence is supported by localized websites and a comprehensive product catalog. Technically, the website is built on Shopware 6, leveraging modern web technologies and third-party services such as Usercentrics for consent management and Google Analytics for tracking. However, a critical security gap exists due to the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly undermines the site's security posture. Despite this, the site implements several security headers and privacy policies that align with GDPR requirements. Overall, the business credibility and website quality are high, but immediate remediation of the SSL issue is essential to protect user data and maintain trust.

C

CHANEL

chanel.com

40

CHANEL is a globally recognized luxury brand specializing in fashion, accessories, beauty products, and fine jewelry. The website serves a worldwide audience with extensive localization and multilingual support, reflecting its enterprise-scale operations and market leadership in the retail luxury sector. The site content is professionally presented with good SEO practices and consistent branding. Technically, the website leverages modern JavaScript, Google Tag Manager for analytics, and OneTrust for cookie consent management, hosted on Akamai's CDN infrastructure. However, the critical absence of a valid SSL certificate and disabled TLS protocols severely undermine the security posture, exposing users to risks and potentially impacting trust. While security headers are implemented, the lack of HTTPS is a major vulnerability. Privacy compliance is partially addressed through cookie consent mechanisms, but no explicit privacy policy or terms of service were detected in the provided content. Overall, the website demonstrates strong business credibility and digital maturity but requires urgent remediation of its SSL/TLS configuration to meet security best practices and regulatory compliance.

U

Unique Computing Solutions

ucs-inc.net

30

Unique Computing Solutions is a well-established IT managed services provider specializing in tailored IT support and advanced IT solutions for small and medium-sized businesses. With over 25 years of experience, the company emphasizes customer service and long-term client relationships, serving diverse industries with a comprehensive portfolio of IT and security services. The website reflects a professional digital presence with strong branding, client testimonials, and integrated social proof. However, the technical infrastructure shows gaps, notably the absence of a valid SSL certificate and HTTPS, which significantly impacts security posture. While privacy policies and GDPR compliance mechanisms are in place, the lack of modern security protocols and performance optimization presents risks. Strategic improvements in SSL/TLS implementation and security headers are critical to enhance trust and protect client data.

Z

Zynga

zynga.com

40

Zynga is a leading global interactive entertainment company specializing in mobile and online games with a broad portfolio of popular franchises. As a wholly-owned subsidiary of Take-Two Interactive Software, Zynga has a strong market position with billions of downloads worldwide. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content targeting mobile and online gamers globally. Technically, the site is built on WordPress with SEO optimizations and uses Amazon CloudFront for hosting and CDN services. However, the absence of a valid SSL certificate and disabled modern TLS protocols represent significant security gaps. Security headers are partially implemented but require tightening to mitigate risks such as cross-site scripting. Privacy compliance is well addressed with clear policies and cookie consent mechanisms. Overall, Zynga's website demonstrates strong business credibility and digital maturity but needs urgent improvements in SSL/TLS security to protect user data and maintain trust.

D

Doppler LLC

fromdoppler.com

40

Doppler LLC operates a comprehensive marketing automation platform primarily targeting Spanish-speaking businesses in Latin America and Spain. Their website offers a wide range of services including email marketing, push notifications, SMS marketing, WhatsApp marketing, chatbots, landing pages, and data intelligence. The company positions itself as a leading SaaS provider in the marketing technology sector with a strong brand presence and extensive client testimonials. Technically, the website is built on WordPress and leverages modern marketing and analytics tools such as Google Tag Manager, OneTrust for cookie consent, and Zendesk for customer support. However, the security posture is notably weak due to the absence of a valid SSL certificate and lack of HTTPS, which is a critical issue that undermines user trust and data protection. Privacy compliance is well addressed with clear privacy and cookie policies, and GDPR compliance is evident. Overall, the site is professional, content-rich, and user-friendly but requires urgent security improvements to meet modern standards.

M

MEGA International

mega.com

40

MEGA International is an established enterprise SaaS solutions provider specializing in enterprise architecture, business process management, governance, risk and compliance, and data governance. The company holds a strong market position as a leader in enterprise architecture tools, recognized by Gartner for 16 consecutive years. Their HOPEX platform offers collaborative, AI-driven capabilities to accelerate digital transformation for large enterprises. Technically, the website is built on Drupal 10 with modern front-end frameworks and integrates multiple marketing and analytics tools. However, a critical security gap exists due to the absence of a valid SSL certificate, undermining HTTPS security. While security headers are well configured, the lack of TLS support poses a significant risk. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the website demonstrates high professionalism and business credibility but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

M

Motorola Mobility LLC

motorola.com

40

Motorola.com is the official Finnish website for Motorola Mobility LLC, a subsidiary of Lenovo, offering Android smartphones and accessories. The site targets Finnish consumers with localized content and product families such as moto razr, moto edge, moto g, and moto e. The technical infrastructure leverages Akamai CDN, OpenResty web server, and modern JavaScript frameworks, with integrations for Google Tag Manager and Adobe DTM for marketing and analytics. However, the site currently lacks a valid SSL certificate, which is a critical security vulnerability. Security headers are well implemented, but absence of cookie consent mechanisms may impact GDPR compliance. The website demonstrates good business credibility and professional design but requires improvements in security and privacy compliance to enhance trust and user safety.

G

Gelateria Romana - La Romana Srl

romanagroup.com

40

Gelateria Romana - La Romana Srl is a well-established Italian gelateria business founded in 1947, specializing in traditional gelato and pastry products with a franchising business model. The company targets entrepreneurs interested in franchising opportunities and consumers seeking quality artisanal gelato. The website reflects a consistent brand with good content quality and clear business information. Technically, the site uses a proprietary CMS (TITANKA!) with older JavaScript libraries and Bootstrap 3.2.0, indicating moderate digital maturity. However, the lack of HTTPS and modern TLS protocols is a critical security gap. Privacy and cookie policies are present with consent mechanisms, supporting GDPR compliance. Overall, the site is functional but requires urgent security improvements to protect user data and enhance trust.

F

F-Secure Corporation

f-secure.com

40

F-Secure Corporation is a well-established Finnish cybersecurity company with over 35 years of experience and a global user base exceeding 30 million. The company offers a comprehensive suite of cybersecurity products including antivirus, VPN, identity protection, and scam protection, targeting both consumers and service providers. Their business model is subscription-based, emphasizing digital security and privacy. The website is professionally designed, multilingual, and rich in content, reflecting a mature digital presence. Technically, the site uses modern frameworks like Next.js and is hosted on Netlify, with good mobile optimization and SEO practices. However, the current SSL/TLS configuration is invalid or missing, which is a critical security concern that needs immediate remediation. Security headers are properly set, but the lack of valid HTTPS reduces the overall security posture. The site complies with GDPR and provides comprehensive privacy and cookie policies. Overall, the domain registration and WHOIS data align well with the company's identity, supporting high legitimacy and trust. Strategic recommendations include renewing SSL certificates, enabling modern TLS protocols, and enhancing security best practices to improve trust and compliance.

T

TOPPAN Digital Language GmbH

meinrad.cc

40

TOPPAN Digital Language GmbH is a medium-sized, ISO-certified translation and localization service provider based in Austria, serving leading companies primarily in the DACH region. The company offers a comprehensive suite of services including documentation translation, marketing translations, software and website localization, and outsourcing solutions, supported by consulting and workflow optimization. The website reflects a professional and well-branded digital presence, leveraging WordPress with Elementor and integrating multiple marketing and analytics tools such as HubSpot and Google Analytics. Despite strong content quality and privacy compliance, the site suffers from critical security shortcomings, notably the absence of a valid SSL certificate and disabled TLS protocols, which significantly impact its security posture. The domain registration and DNS configurations are consistent and trustworthy, with no signs of privacy protection or suspicious patterns. Overall, the website is functional and credible but requires urgent security improvements to protect user data and enhance trust.

X

XYZ

wearexyz.com

36

XYZ is a creative visual production agency based in San Francisco specializing in 3D rendering, photography, retouching, video, motion graphics, and other visual content creation services. The company partners with notable brands to deliver compelling content and experiences that drive results. Their website showcases a strong portfolio of industry-leading clients, reflecting a solid market position in the media and creative production sector. Technically, the website is built on WordPress with Elementor and leverages modern JavaScript libraries and third-party services such as Vimeo and Google Analytics. Hosting is provided by WP Engine with Cloudflare as a CDN, indicating a professional infrastructure. However, the site lacks a valid SSL certificate and proper HTTPS configuration, which is a critical security concern. Security headers are minimal, and no advanced security policies or incident response contacts are found. Privacy and cookie policies are absent, which may impact compliance with GDPR and other regulations. Overall, the site presents a professional business front but requires urgent improvements in security and privacy compliance to reduce risk and enhance trust.

A

Avnet Embedded

msc-technologies.eu

40

Avnet Embedded is a division of Avnet, Inc., specializing in embedded computing, display, and software solutions for OEMs and businesses aiming to accelerate product time-to-market. The company positions itself as a world leader in embedded technology, offering a broad range of services including design, manufacturing, assembly, and software consultancy. Their business model leverages a strong partner ecosystem and in-house capabilities to deliver comprehensive embedded solutions. The website content is rich, professionally designed, and targets a global audience in the technology and manufacturing sectors. Technically, the website is built on WordPress with WooCommerce and several modern plugins such as Smart Slider 3 and Ultimate Member. The site uses Google Analytics and Google Tag Manager for tracking and marketing purposes. While the design and content quality are excellent, performance is slow, and there is a notable lack of valid SSL/TLS configuration, which impacts security and user trust. From a security perspective, the site implements several important HTTP security headers and cookie flags, but the absence of a valid SSL certificate and disabled TLS protocols represent critical vulnerabilities. Privacy compliance is strong, with comprehensive privacy and cookie policies and consent mechanisms in place, indicating good GDPR adherence. However, no explicit incident response or vulnerability disclosure policies were found. Overall, the site demonstrates a mature business presence with strong content and privacy practices but suffers from critical security configuration issues that should be addressed promptly to improve trust and protect users.

E

Euronet Worldwide, Inc.

euronetworldwide.com

39

Euronet Worldwide, Inc. operates as a global leader in payments processing and cross-border transactions, providing a broad range of financial technology solutions including electronic funds transfer, prepaid products, and money transfer services. The company serves financial institutions, fintechs, retailers, and consumers worldwide, leveraging platforms such as Ren and Dandelion to enable real-time, compliant cross-border payments. The website reflects a mature enterprise with a strong market position and comprehensive business information, including investor relations and corporate governance details. Technically, the site is built on WordPress with Elementor and hosted on WP Engine, integrating modern analytics and cookie consent tools. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS, exposing users to potential risks. Security headers are partially implemented, but improvements are needed in TLS protocol support, HSTS, and session management. Privacy compliance is well addressed with GDPR-aligned policies and consent mechanisms. Overall, the site demonstrates high professionalism and trustworthiness but requires urgent security enhancements to protect user data and maintain credibility.