Security Directory

zeb.rolfes.schierenbeck.associates gmbh is a leading European strategy, management, and IT consulting firm specializing in the financial services industry. The company offers a broad range of consulting services including transformation, regulatory compliance, and corporate education, targeting banks, insurance companies, and financial technology specialists. Their market position is strong within Europe, supported by multiple subsidiary domains and partner sites across key financial markets. The website is professionally designed with excellent content quality and clear navigation, supporting a positive user experience and strong brand consistency. Technically, the website is built on Drupal 11 with modern frameworks such as Bootstrap and integrates analytics tools like Matomo and Google Tag Manager. Accessibility features and cookie consent mechanisms are implemented, reflecting good digital maturity. However, the website suffers from critical security issues due to the absence of a valid SSL certificate and lack of HTTPS support, which significantly impacts the security posture and overall trustworthiness. Security headers are well configured, but the lack of TLS protocols and OCSP stapling are notable vulnerabilities. Privacy compliance is strong, with comprehensive privacy and cookie policies and GDPR adherence. The company maintains active social media channels and provides clear contact information, enhancing business credibility. Overall, while the business and content aspects are excellent, urgent improvements in SSL/TLS configuration are necessary to elevate the security posture and user trust.

D

Dr. Isabella Eberl

notarin-eberl.at

35

The website represents a small professional notary office led by Dr. Isabella Eberl located in Taxenbach, Salzburg-Land, Austria. It offers a broad range of notarial services including testament and inheritance law, real estate transactions, family law, and corporate legal services. The site is well-structured with clear service descriptions and contact information, targeting private individuals and businesses in the local region. Technically, the site uses a Mono CMS platform with various external scripts for fonts, tracking, and consent management. However, the site lacks a valid SSL certificate and HTTPS support, which is a critical security deficiency. Privacy and cookie policies are present with a consent mechanism, but no terms of service or explicit security policies are found. The site uses Google Analytics and Herold Tracker for analytics and marketing purposes. Overall, the site is professional but requires urgent security improvements to protect user data and enhance trust.

M

MASSIVE ART WebServices GmbH

massiveart.at

38

MASSIVE ART WebServices GmbH is a full-service digital agency based in Austria, specializing in digital strategy, website and portal development, e-commerce solutions, performance marketing, data analytics, mobile apps, and UI/UX design. The company targets B2B clients, particularly industry leaders and established businesses seeking sustainable digital transformation. With a strong market position supported by long-term partnerships and recognized certifications such as Google Partner and HubSpot Gold Partner, MASSIVE ART demonstrates a reputable presence in the technology sector. The website employs modern web technologies including nginx, Google Tag Manager, Matomo Analytics, and HubSpot forms, with advanced SVG animations enhancing user experience. The site is mobile-optimized and exhibits excellent design quality and navigation clarity. However, performance is currently slow, and the SSL/TLS configuration is inadequate, lacking a valid certificate and modern protocol support. Security posture is basic, with essential security headers present but critical issues such as an invalid SSL certificate and absence of TLS protocols significantly lowering the security score. Privacy compliance is good, with a comprehensive privacy policy and GDPR adherence, though no explicit cookie consent mechanism was detected. Contact information is clearly provided across multiple office locations, enhancing business credibility. Overall, MASSIVE ART's digital presence is professional and trustworthy, but immediate improvements in SSL/TLS security are recommended to enhance user trust and comply with best security practices.

W

Westcam - The Know-WOW Company

westcam.at

35

Westcam - The Know-WOW Company is a well-established Austrian technology and manufacturing solutions provider founded in 1990. The company offers a comprehensive portfolio of services and products including CAD design, CAM programming, 3D printing, 3D metrology, PDM/MES systems, mechatronics, robotics, and industrial image processing. Their market position is strong in the regional industrial sector, supported by their Autodesk Gold Partner status and ISO 9001:2015 certification. The website demonstrates a high level of digital maturity with a modern WordPress-based infrastructure, multilingual support, and integrated marketing and analytics tools. However, a critical security weakness is the absence of a valid SSL certificate and HTTPS support, which significantly impacts their security posture. Privacy compliance is well addressed with explicit cookie consent mechanisms and a comprehensive privacy policy. Overall, the business presents itself professionally with clear contact information and strong trust indicators.

ChargePoint, Inc. operates the be.ENERGISED platform, a modular SaaS solution designed to support businesses in building and expanding electric vehicle (EV) charging services. The website targets enterprises, fleet operators, partners, and EV drivers primarily in Germany and Europe, offering comprehensive services including charge point operation, software integration, billing, roaming, and white-label solutions. The company holds a strong market position with significant penetration among Fortune 50 companies and a large active charging network. Technically, the site is built on Drupal 10 and hosted on Pantheon, with integrations such as Google Tag Manager and Google Maps API enhancing functionality. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap, despite the presence of some security headers and GDPR-compliant privacy and cookie policies. Overall, the site demonstrates high content quality and business credibility but requires urgent improvements in security infrastructure to protect user data and maintain trust.

W

Wellspect HealthCare

wellspect.com

35

Wellspect HealthCare is a global MedTech company specializing in continence care solutions, supporting individuals with urinary and bowel dysfunction through innovative products and educational resources. The company holds a strong market position with over 40 years of industry experience and operates under the parent company Dentsply Sirona. Their website reflects a professional and consistent brand image targeting carers, specialists, and new users in continence care. Technically, the website employs modern analytics and marketing tools such as Microsoft Application Insights, Google Tag Manager, and Salesforce Lightning, hosted behind Cloudflare. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security flaw, severely impacting the site's security posture. Privacy compliance is partial, with a comprehensive privacy policy present but lacking a cookie consent mechanism despite active tracking scripts. Overall, the website offers excellent content quality and user experience but requires urgent security improvements to protect user data and enhance trust.

T

Tractive

tractive.com

40

Tractive is a leading global provider of GPS and health monitoring trackers for pets, specializing in real-time location tracking and wellness insights for dogs and cats. The company operates a robust e-commerce platform offering subscription-based services that enable worldwide cellular connectivity for their devices. Their market position is strong, supported by extensive customer testimonials, high Trustpilot ratings, and a broad international presence with multi-language support. Technically, the website leverages modern web technologies including nginx, Amazon AWS infrastructure, CloudFront CDN, and advanced JavaScript frameworks. They utilize performance monitoring and A/B testing tools such as New Relic and Visual Website Optimizer, indicating a mature digital infrastructure. The site is well-optimized for mobile devices and accessibility, with good SEO practices. From a security perspective, while the site implements several important security headers and policies, it suffers from a critical issue: the SSL certificate is invalid or missing, and no TLS protocols are enabled. This severely impacts the security posture and user trust. Other security best practices like HSTS and CSP are in place, but the lack of proper HTTPS is a major vulnerability. Overall, the risk assessment highlights the need for immediate remediation of SSL/TLS issues to protect user data and maintain trust. Strategic recommendations include fixing the SSL certificate, enabling modern TLS versions, and improving session security. The business credibility is high, but security gaps could undermine customer confidence if not addressed promptly.

iteratec GmbH is a medium-sized, established software development company founded in 1996, with multiple offices across Germany, Austria, and Poland. The company specializes in digital transformation, AI and data analytics, IT security, and sustainable technology solutions, targeting enterprises in automotive, energy, and logistics sectors. Their website reflects a professional and comprehensive digital presence, leveraging TYPO3 CMS and modern web technologies. However, a critical security gap exists due to the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts their security posture. Privacy and cookie policies are well implemented with consent mechanisms, indicating good compliance with GDPR. Overall, the company demonstrates strong business credibility and digital maturity but must urgently address its SSL/TLS configuration to improve security and trust.

H

HK/Danmark

hk.dk

38

HK/Danmark is a well-established Danish trade union and unemployment insurance provider, founded in 1900, serving a large membership base with comprehensive services including career guidance, legal advice, and member benefits. The website is professionally designed, content-rich, and targets employees, students, and job seekers in Denmark. Technically, the site uses modern web technologies such as ASP.NET, jQuery, and integrates analytics and chat services, but suffers from a critical security issue due to the absence of a valid SSL certificate, which undermines its HTTPS security posture despite having HSTS headers configured. Privacy and cookie policies are present and indicate GDPR compliance, with clear contact information and trust signals like Trustpilot integration enhancing business credibility. Overall, the site is highly professional but requires urgent security improvements to ensure user trust and data protection.

P

Pioneers Innovation GmbH

pioneers.io

22

Pioneers Innovation GmbH is an established innovation consulting and corporate venture building firm founded in 2013, serving a broad range of corporate clients across sectors such as energy, transportation, banking, and technology. The company offers comprehensive services including innovation strategy, setup, execution, venture building, and startup services, positioning itself as a trusted partner for innovation-powered transformation and growth. The website reflects a mature digital presence with professional design, clear navigation, and rich content including client testimonials and references to large organizations. Technically, the site is built on WordPress with modern marketing and analytics tools integrated, but suffers from critical security shortcomings including the absence of a valid SSL certificate and HTTPS support, which significantly impacts its security posture. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the business credibility is high, but the lack of HTTPS is a major risk that should be urgently addressed.

SPGPrints is a well-established global company specializing in textile and industrial printing solutions, with a strong focus on rotary screen and digital textile printing technologies. The company offers a comprehensive range of products including printing machines, consumables, and services, targeting businesses in textile, label, healthcare, and printed electronics sectors. Their market position is supported by decades of experience, numerous patents, and a global presence. Technically, the website is built on HubSpot CMS and leverages modern web technologies and marketing tools, but lacks a valid SSL certificate, which is a significant security concern. The security posture is basic with some security headers present but critical gaps in SSL/TLS configuration and privacy compliance. Overall, the website is professional and content-rich but requires urgent improvements in security and privacy compliance to enhance trust and protect user data.

V

VARIOTHERM HEIZSYSTEME GMBH

variotherm.com

21

Variotherm Heizsysteme GmbH is an established Austrian company specializing in surface heating and cooling systems for floors, walls, and ceilings, leveraging over 30 years of expertise. Their product portfolio targets contractors, installers, architects, and end customers seeking efficient heating and cooling solutions. The company maintains a professional online presence with multilingual support and a comprehensive product and service offering. Technically, the website is built on TYPO3 CMS served by Apache, with integrated analytics via Matomo and Google Tag Manager. However, the absence of HTTPS and a valid SSL certificate significantly undermines the security posture. While cookie consent mechanisms and privacy policies are in place, the lack of advanced security headers and incident response information indicates room for improvement. Overall, the website is functional and professional but requires urgent security enhancements to protect user data and improve trust.

The website dondusang.net represents the official French public blood service, Etablissement français du sang (EFS). It provides comprehensive information and services related to blood, plasma, and platelet donations across France. The site is well-branded, content-rich, and targets donors, associations, and the general public with clear calls to action and partner engagement. Technically, the site is built on Drupal CMS, uses modern tracking and analytics tools, and integrates multiple partner domains. However, it lacks HTTPS support, which is a critical security flaw exposing users to risks. Security headers are well configured but cannot compensate for the absence of SSL/TLS. Privacy policies and cookie consent mechanisms are present and GDPR compliant. Overall, the site demonstrates a high level of professionalism and trustworthiness but requires urgent security improvements.

S

Smartly.io Solutions Oy

smartly.io

39

Smartly.io Solutions Oy operates a mature, enterprise-grade AI advertising platform focused on creative, media, and intelligence suites to optimize cross-channel advertising performance. The company is well-positioned in the technology sector with a strong market presence, supported by industry certifications and a comprehensive digital marketing infrastructure. The website is professionally designed, content-rich, and targets advertising professionals and teams seeking AI-powered campaign automation and insights. Technically, the site leverages modern web technologies including Webflow CMS, Marketo forms, and multiple analytics and tracking tools, hosted via Cloudflare CDN. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, significantly impacting the security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the business credibility is high, but urgent remediation of SSL/TLS issues is recommended to ensure secure user interactions and trust.

Ö

Ökovolt Solartechnik GmbH

oekovolt.com

27

Ökovolt Solartechnik GmbH is a well-established company specializing in photovoltaic solutions for industry, commerce, municipalities, real estate developers, and private households. With over 15 years of experience, the company offers comprehensive services including planning, financing, installation, and operation of photovoltaic large-scale systems. Their market position is strong, supported by detailed project references and a professional online presence. Technically, the website is built on WordPress with modern SEO and analytics tools, but suffers from a critical lack of HTTPS due to an invalid SSL certificate, which undermines security and trust. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and clear privacy policies. Overall, the company demonstrates a mature digital infrastructure but must urgently address SSL issues to improve security posture and user trust.

V

Verlag Österreich

verlagoesterreich.at

24

Verlag Österreich is a specialized legal publisher based in Austria, offering a comprehensive range of legal literature including books, eBooks, journals, and commentaries. The website targets legal professionals, academics, students, and institutions, providing an e-commerce platform for purchasing legal publications. The business is well-established with a consistent brand presence and a professional digital footprint. Technically, the website uses a modern tech stack including Apache, jQuery, and a proprietary CMS (Datamints), with good mobile optimization and accessibility features. However, a critical security gap exists due to the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly undermines the site's security posture. Security headers are present but cannot compensate for the lack of encryption. Privacy and cookie policies are comprehensive and GDPR compliant, and the site employs Google Tag Manager for analytics and marketing. Overall, the site is professional and trustworthy but urgently needs to address its SSL/TLS configuration to ensure secure user interactions.

N

nora systems GmbH

nora.com

36

nora systems GmbH is a globally recognized manufacturer specializing in high-quality rubber floor coverings, headquartered in Germany with a history dating back to 1950. The company holds a strong market position as a leader in resilient flooring solutions across multiple sectors including healthcare, education, industry, and public buildings. Their business model focuses on manufacturing and direct sales, supported by innovative installation and cleaning systems. The website reflects a professional and comprehensive digital presence with rich content tailored to architects, builders, and facility managers. Technically, the site is built on Sitecore CMS and served via Microsoft IIS, with integrations for marketing and analytics through Google Tag Manager and Usercentrics consent management. However, the absence of a valid SSL certificate and HTTPS implementation represents a critical security gap, exposing the site to potential risks. Privacy and cookie policies are well implemented, indicating good compliance with GDPR standards. Overall, the site demonstrates strong business credibility but requires urgent security improvements to protect user data and enhance trust.

I

Implenia AG

implenia.com

38

Implenia AG is a leading Swiss construction and real estate services company with a strong multinational presence, particularly in Switzerland and Germany. The company specializes in infrastructure, real estate development, and specialized construction services such as tunnel and civil engineering. The website reflects a mature business with comprehensive content targeting business clients, investors, and partners. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and integrates consent management and analytics tools. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, exposing the site to risks and undermining user trust. Security headers are partially implemented but insufficient without HTTPS. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site demonstrates high professionalism and business credibility but requires urgent security improvements to align with best practices.

W

WestLicht

westlicht.com

40

WestLicht is a well-established cultural venue in Vienna specializing in photography exhibitions, a camera museum, and related services such as a bookshop and café. The website targets photography enthusiasts and cultural visitors, offering detailed information about exhibitions, events, memberships, and retail options. The domain age of 24 years and consistent WHOIS data support the legitimacy and maturity of the business. Technically, the site uses a modern JavaScript stack with jQuery, Swiper.js, and Google services integrated, managed via the siteswift CMS and hosted by Hetzner Online GmbH. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap, exposing users to potential risks. The site implements a cookie consent mechanism compliant with GDPR, but lacks explicit security policies or incident response information. Overall, the website is professionally designed with good content quality and user experience but requires urgent security improvements to protect visitors and enhance trust.

K

Kreisel Electric GmbH

kreiselelectric.com

21

Kreisel Electric GmbH is a medium-sized Austrian company specializing in advanced battery technology and high-voltage battery systems for electrification projects across commercial, marine, off-highway, and motorsport sectors. The company leverages patented immersion cooling technology to deliver high safety, performance, and longevity in their products. Their market position is strengthened by strategic partnerships with industry leaders such as BASF and Allego, reflecting a commitment to sustainability and innovation. The website is professionally designed, content-rich, and targets B2B customers seeking electrification solutions. Technically, the site is built on WordPress with modern SEO and marketing tools like Google Tag Manager and OneTrust for cookie consent. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, exposing users to potential risks. Privacy compliance is addressed through comprehensive policies linked to Deere & Company, indicating a strong privacy posture. Contact information is clearly provided, enhancing business credibility. Overall, while the business and technical maturity are solid, urgent improvements in security infrastructure are recommended.

EssenceMediacom Holdings Limited operates as a global media and communications agency, delivering integrated media solutions, analytics, and creative futures to a diverse range of brands. With a mature domain age of 20 years and a presence in 96 markets supported by 120 offices and over 10,000 employees, the company holds a strong market position within the media industry. Their website reflects a professional and content-rich platform targeting brands seeking breakthrough communications strategies. Technically, the website leverages modern frameworks such as Next.js and React, hosted on Cloudflare, and managed via DatoCMS, indicating a mature digital infrastructure. However, a critical security gap exists due to the absence of a valid SSL certificate, which undermines the security posture despite the presence of robust security headers and content security policies. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website demonstrates high professionalism and trustworthiness but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

V

VAM USA

vam-usa.com

40

VAM USA is a medium-sized company specializing in premium connection solutions for the oil and gas industry, with a strong market position as a world leader and a parent company relationship to Vallourec Oil and Gas France. The website provides comprehensive business information, product details, and service offerings targeted at energy sector professionals and distributors in North America. Technically, the site is built on WordPress with common marketing and analytics tools but suffers from slow performance and lacks modern security implementations such as HTTPS and security headers. The security posture is weak due to the absence of a valid SSL certificate and no HTTPS support, which is a critical issue. Privacy compliance is poor, with no visible privacy or cookie policies. Overall, the site is professional and credible but requires urgent security improvements to protect users and enhance trust.

B

bulmor industries GmbH

bulmor-airground.com

37

Bulmor airground technologies GmbH is a specialized manufacturer of medical highloaders (Ambulift SideBull) designed to facilitate safe and efficient boarding of mobility-impaired passengers at airports. The company has a niche market position with patented technology and partnerships with major airports and airlines. The website is built on TYPO3 CMS and uses several JavaScript libraries for enhanced user experience. However, the site lacks a valid SSL certificate, which significantly impacts its security posture. Privacy and cookie policies are present and GDPR compliant, and contact information is clearly provided. The domain is mature and trustworthy, registered since 2011 with no suspicious patterns beyond lack of domain protection locks.

M

MTEL Austria

mtel.at

39

MTEL Austria is a telecommunications provider offering a range of services including mobile tariffs, internet, and TV entertainment packages primarily targeting private and business customers in Austria. The company is part of the Telekom Serbien Group, indicating a solid regional market presence. The website is professionally designed with good content quality, clear navigation, and mobile optimization. It leverages modern JavaScript libraries and integrates marketing and analytics tools such as Google Tag Manager, Hotjar, and Cookiebot for consent management. However, the site currently lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security shortfall. Security headers are properly configured, but the absence of HTTPS and modern TLS protocols significantly lowers the security posture. Privacy and cookie policies are comprehensive and GDPR compliant, with a consent mechanism in place. Contact information including email and phone numbers is clearly provided, enhancing business credibility. Overall, the website is functional and professional but requires urgent security improvements to protect user data and build trust.

I

IVM Ltd.

ivm-vending.eu

25

IVM Ltd. is a medium-sized manufacturing company based in Hungary specializing in industrial vending machines and tool management solutions. Their website, built on WordPress with the Divi theme, presents a professional and well-structured digital presence targeting industrial clients and partners. The company emphasizes innovation in micrologistics and asset management, supported by proprietary software and certifications such as ISO 9001 and ISO 27001. Technically, the site uses common web technologies including Apache, jQuery, and Google Tag Manager, but lacks a valid SSL certificate, which impacts security posture negatively. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Contact information and social media links are clearly provided, enhancing business credibility. Overall, the website is functional and professional but requires improvements in security and privacy compliance to meet modern standards.

T

Triumph Intertrade AG

triumph.com

38

Triumph Intertrade AG operates a mature and well-established e-commerce platform specializing in lingerie and related apparel, primarily targeting the German market. The website demonstrates a high level of professionalism, rich content, and strong brand consistency, supported by a comprehensive customer loyalty program and active social media presence. The technical infrastructure leverages modern e-commerce technologies including Salesforce Commerce Cloud and Cloudflare for hosting and delivery, with integrated marketing and analytics tools such as Google Tag Manager and CQuotient. However, the absence of a valid SSL/TLS certificate on the main domain significantly undermines the site's security posture, exposing users to potential risks. Additionally, a subdomain takeover vulnerability on blog.triumph.com presents a notable security concern. Privacy and cookie policies are present and indicate GDPR compliance, with clear contact information and incident response channels available. Overall, the site is functional and credible but requires urgent security improvements to protect user data and maintain trust.

M

ManpowerGroup

manpower.com

40

ManpowerGroup operates a comprehensive workforce solutions platform primarily targeting job seekers and employers in the United States. The company offers staffing, recruitment, and workforce management services across multiple sectors including transportation, logistics, engineering, and financial services. The website reflects a mature digital presence with a modern React and Sitecore CMS infrastructure, supported by Cloudflare for hosting and CDN services. Privacy and cookie policies are well implemented with consent mechanisms, reflecting good compliance with GDPR and related regulations. However, the website's security posture is weakened by an invalid SSL certificate and lack of TLS protocol support, which are critical issues that must be addressed to protect user data and maintain trust. Overall, the site is professionally designed with excellent content quality and strong business credibility, supported by consistent WHOIS data and recognized certifications.

G

Gerhard Trittenwein

bindertrittenwein.com

37

Gerhard Trittenwein operates a specialized IT consulting and project management business focused on complex IT, change management, and digital transformation projects. The company emphasizes lean and agile methodologies to deliver early and visible results, targeting organizations facing challenging IT projects. The website presents a professional image with clear service offerings and contact information, supported by over 30 years of experience. Technically, the site uses Mono CMS with external CDNs and integrates Google Analytics and ConsentManager for tracking and cookie consent. However, the absence of a valid SSL certificate and HTTPS support is a critical security flaw, exposing visitors to risks and undermining trust. Privacy policies and cookie consent mechanisms are in place, indicating GDPR awareness, but no security policy or incident response information is provided. Overall, the business appears legitimate and consistent with its domain registration and DNS records, but urgent improvements in security posture are needed.

G

Gronda

gronda.eu

38

Gronda operates as a leading culinary community platform connecting chefs worldwide to share recipes, culinary creations, and educational content. The business targets professional and aspiring chefs and culinary enthusiasts, offering a mobile app and subscription-based PRO services. The platform is positioned as a top community in its niche with a strong digital presence and active social media engagement. Technically, the website is built on modern web technologies including Webflow CMS, AWS CloudFront CDN, and integrates Google Tag Manager and Weglot for analytics and multilingual support. However, performance data is missing, and inferred loading speed is slow. Security posture is weak due to the absence of a valid SSL certificate and incomplete HTTPS implementation, which poses risks to user data and trust. Privacy compliance is well addressed with clear policies and cookie consent mechanisms. Overall, the site is professional and credible but requires urgent security improvements to protect users and enhance trust.

L

Linde PLC

the-linde-group.com

40

Linde PLC is a leading global industrial gases and engineering company focused on delivering innovative solutions to support customers across various sectors including clean energy and sustainability. The website reflects a mature, enterprise-level business with comprehensive content covering their expertise, sustainability initiatives, investor relations, and corporate governance. The technical infrastructure leverages modern tools such as Sitecore CMS, Azure Application Insights, and OneTrust for compliance, indicating a digitally mature platform. However, the security posture is currently weak due to the absence of a valid SSL certificate and lack of modern TLS protocol support, which exposes the site to potential risks and impacts user trust. Privacy and cookie policies are well implemented with consent mechanisms, aligning with GDPR requirements. Overall, the site is professional and trustworthy but requires urgent improvements in SSL/TLS configuration to enhance security and compliance.

Grayling is a large, international PR and public affairs agency operating in over 30 countries with a strong global network of offices and affiliates. The company specializes in brand communications, corporate affairs, and public affairs, serving a diverse range of clients including major global brands. Their website reflects a professional and consistent brand image, with comprehensive content showcasing their services, case studies, and client portfolio. Technically, the site is built on WordPress with modern frontend frameworks and integrates multiple marketing and analytics tools such as Google Analytics, HubSpot, and OneTrust for cookie consent management. However, the security posture is notably weak due to the absence of a valid SSL certificate and lack of HTTPS support, which poses significant risks to user data and trust. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site demonstrates good business credibility and digital maturity but requires urgent security improvements to protect visitors and maintain trust.

A

APILayer

apilayer.net

40

APILayer is a mature and reputable API marketplace founded in 2015, offering a wide range of APIs across multiple categories such as finance, geolocation, marketing, and developer tools. The platform targets developers and engineering teams seeking scalable, easy-to-integrate API solutions. The website is professionally designed with excellent content quality, clear navigation, and strong branding consistency. Technically, the site uses modern web technologies including OAuth for authentication, Google Tag Manager for analytics, and Cloudflare for CDN and security headers. However, a critical security issue is the absence of a valid SSL certificate and proper HTTPS configuration, which severely impacts the security posture and trustworthiness of the site. Privacy and legal policies are comprehensive and hosted on the parent company domain, indicating corporate governance. Social media presence and client testimonials add to the trust signals. Overall, while the business and content aspects are strong, the security configuration requires urgent remediation to ensure safe user interactions and compliance.

M

moodley design group

moodley.at

37

Moodley design group is a medium-sized, Austria-based consultancy specializing in brand and business transformation through strategy, design, and technology services. The company targets businesses and organizations seeking to accelerate their brand transformation and growth, especially in challenging times. Their market position is that of an established design and strategy consultancy with an international presence, offering services including brand transformation, product design, and digital product and service design. The website content is professionally crafted, with clear navigation and strong branding consistency, targeting a professional audience. Technically, the website is built on a modern stack including nginx, JavaScript, Vimeo embeds, and uses Usercentrics for consent management and Google Tag Manager for analytics. The CMS appears to be Statamic. However, performance metrics are missing, and the site lacks HTTPS, which is a critical security shortfall. Mobile optimization and SEO are good, but accessibility is basic. From a security perspective, the absence of a valid SSL certificate and HTTPS is a major vulnerability, exposing users to risks. No advanced security headers or policies are implemented, and no incident response or vulnerability disclosure information is available. Cookie consent and privacy policies are present and GDPR compliant, indicating good privacy practices. Overall, the website is professional and trustworthy in business presentation but requires urgent security improvements, especially enabling HTTPS and enhancing security headers, to protect users and improve trustworthiness. Strategic recommendations include immediate SSL installation, security header implementation, and enhanced incident response transparency.

Suomen Euromaster Oy operates a comprehensive automotive service website focused on tire sales, installation, and vehicle maintenance services across Finland. The company serves both individual consumers and business clients with a wide network of over 80 service points. The website is professionally designed, localized primarily in Finnish, and integrates modern web technologies and marketing tools. However, the site suffers from a critical security flaw due to an invalid SSL certificate and lack of TLS protocol support, which significantly impacts its security posture. Privacy and cookie policies are present and GDPR compliant, and contact information is clearly provided, supporting business credibility. The domain registration data aligns well with the business claims, indicating legitimacy.

S

Swissport International AG

swissport.com

40

Swissport International AG operates as a global leader in airport ground services and air cargo handling, serving 286 airports worldwide. The company offers a broad portfolio of services including passenger services, ramp handling, air cargo services, airport hospitality, and executive aviation. Swissport targets airlines, airport operators, and cargo handlers, positioning itself as a market leader with a comprehensive service offering and a strong global network. The website reflects a professional and consistent brand image with extensive content and media releases supporting its market presence. Technically, the site leverages modern technologies such as Cloudflare CDN, Cookiebot for consent management, Google Tag Manager, and social media integrations, hosted on a CMS platform identified as Ibexa DXP. However, the website's SSL certificate is invalid or missing, which is a critical security concern that impacts the overall security posture. Security headers are well configured, but the lack of valid HTTPS and TLS protocols reduces the security score significantly. Privacy compliance is strong, with clear privacy and cookie policies and GDPR adherence. Business credibility is high, supported by trust indicators such as ISO 27001 certification and official social media presence. Overall, the website is functional and professional but requires urgent remediation of SSL/TLS issues to improve security and trust.

B

Borouge

borouge.com

40

Borouge is a prominent petrochemical company specializing in the production and supply of innovative polyethylene and polypropylene solutions across multiple sectors including energy, infrastructure, healthcare, and agriculture. The company leverages advanced Borealis Borstar® technology to deliver tailored polymer products that meet specific customer needs, emphasizing sustainability and innovation. The website reflects a well-structured digital presence with comprehensive investor relations, media updates, and e-services, targeting industrial clients and stakeholders in the petrochemical industry. Technically, the site is built on Microsoft SharePoint, incorporating modern web technologies and basic mobile optimization. However, a critical security concern is the invalid or missing SSL certificate, which undermines the security posture despite the presence of multiple security headers and policies. Privacy compliance is well addressed with clear cookie and privacy policies, including GDPR adherence. Contact information is transparent and professional, enhancing business credibility. Overall, the website demonstrates a solid business and digital foundation but requires urgent remediation of SSL issues to improve security and trust.

O

Opus Marketing GmbH

opus-marketing.de

23

Opus Marketing GmbH is a German branding agency specializing in transforming visions and ideas into impactful brands with a focus on strategic branding, digital transformation, and sustainability. The company targets businesses seeking creative and strategic brand development and positions itself as a medium-sized agency with a consistent and professional brand presence. Technically, the website is built on WordPress using WPBakery and integrates modern marketing and analytics tools such as Usercentrics for cookie consent, Google Tag Manager, and Facebook Pixel. However, the site suffers from a critical security shortfall due to the absence of a valid SSL certificate, resulting in no HTTPS support and lack of security headers, which significantly impacts its security posture. Performance is also suboptimal with a slow load time and large page size. Overall, the business credibility and content quality are high, but technical and security improvements are necessary to enhance trust and compliance.

S

Sun Chemical

sunchemical.com

40

Sun Chemical is a globally recognized enterprise manufacturing inks, pigments, and advanced materials serving diverse industrial sectors including packaging, graphics, automotive, electronics, and healthcare. As a member of the DIC Group with over 22,000 employees and a legacy spanning over 200 years, the company holds a strong market position supported by extensive patents and sustainability initiatives. The website reflects a mature digital presence with comprehensive content, professional design, and good SEO practices. However, the absence of a valid SSL certificate and HTTPS implementation significantly undermines the security posture, exposing users to risks and reducing trust. Security headers are partially implemented but insufficient without proper TLS. Privacy and cookie policies are present and indicate GDPR compliance, though no explicit security or incident response policies are found. Overall, the site demonstrates strong business credibility but requires urgent security improvements to protect data and user trust.

W

Wiener Messe und Congress GmbH

messe.at

27

Wiener Messe und Congress GmbH operates the VIECON – Vienna Congress & Convention Center, a leading event venue in Vienna offering flexible spaces for congresses, exhibitions, and corporate events. The website presents a professional image with comprehensive information about the venue, services, and sustainability initiatives. Technically, the site is built on WordPress with modern plugins and SEO optimizations, but lacks a valid SSL certificate, resulting in an insecure HTTP-only connection. Security headers are present but insufficient without HTTPS. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site is credible and well-structured but requires urgent SSL implementation to improve security and trust.

G

Greater Europe Mission

gemission.org

40

Greater Europe Mission is a well-established Christian missions non-profit organization focused on disciple-making and evangelism throughout Europe. The organization has a mature online presence with a professionally designed WordPress website that clearly communicates its mission, values, and ministry areas. The website targets Christian communities, churches, missionaries, and donors interested in European missions. It offers resources, contact options, and donation capabilities to support its mission. Technically, the site uses modern web technologies including WordPress, Beaver Builder, and integrates Google Analytics and Tag Manager for tracking. However, the site lacks a valid SSL certificate and HTTPS support, which is a significant security concern. Privacy and cookie policies are present and GDPR compliant, reflecting good privacy practices. Overall, the site is credible and trustworthy but requires urgent security improvements to protect user data and enhance trust.

S

SoftwareOne Österreich GmbH

comparex.at

40

SoftwareOne Österreich GmbH is a leading enterprise software and cloud solutions provider with a strong global presence and local expertise in Austria. The company offers a broad range of services including cloud migration, application modernization, IT asset management, software sourcing, and customer training. Their business model focuses on B2B services, supporting digital transformation initiatives for enterprises across multiple industries. Technically, the website is built on modern frameworks such as Next.js and React, hosted on Vercel, and integrates advanced cookie consent and analytics tools. However, the security posture is weakened by an invalid SSL certificate and lack of TLS protocol support, which poses a significant risk. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the website demonstrates high professionalism and business credibility but requires urgent improvements in SSL/TLS configuration to enhance security.

H

HEROLD Business Data GmbH

ichbinderherold.at

35

HEROLD Business Data GmbH operates a professional career portal focused on online media and marketing services for Austrian businesses. The company is well positioned as a leading website producer and Google Premium Partner with a strong employer brand. The website content is rich, professionally designed, and targets job seekers and SMEs in Austria. Technically, the site uses Mono CMS and integrates modern tracking and consent management tools but lacks HTTPS, which is a critical security gap. The security posture is weak due to the absence of SSL/TLS encryption and missing security headers. Privacy compliance is good with a clear privacy policy and cookie consent mechanism. Overall, the site is trustworthy but requires urgent security improvements to protect user data and enhance trust.

The United Nations Office for Outer Space Affairs (UNOOSA) operates as a key UN entity facilitating international cooperation in peaceful space activities, space law, and capacity building. It serves a global audience including member states, space agencies, academia, and industry. The website reflects a mature and consistent brand aligned with UN standards, offering comprehensive information on space policy, events, and programs. Technically, the site uses a legacy tech stack with Apache, jQuery, and Bootstrap, but suffers from slow performance and basic mobile optimization. Security posture is weak due to the absence of a valid SSL certificate and lack of modern TLS protocols, exposing users to risks. Privacy compliance is minimal, lacking cookie consent mechanisms and GDPR indicators. Contact information and social media presence are well established, enhancing business credibility. Overall, the site is authoritative but requires urgent security and privacy improvements.

Coca-Cola Europacific Partners is a leading enterprise in the manufacturing and distribution of beverages across 31 markets, offering globally recognized brands such as Coca-Cola, Sprite, Fanta, and Monster. The company emphasizes sustainability and value creation for customers and consumers. The website reflects a mature digital presence with comprehensive content, investor relations, and sustainability initiatives. Technically, the site uses modern tools like Google Tag Manager and Cloudflare but lacks a valid SSL certificate and HTTPS, which is a critical security flaw. Security headers are well configured, but the absence of TLS protocols and HSTS reduces the security posture significantly. Privacy compliance is strong with clear privacy and cookie policies and consent mechanisms. Overall, the site is professional and trustworthy but urgently needs to address SSL/TLS issues to improve security and user trust.

C

Capgemini

capgemini-consulting.com

40

Capgemini Invent is a prominent management consultancy brand under the Capgemini group, specializing in innovative consulting services that combine strategy, technology, data science, and design to help businesses transform and grow. The website reflects a mature, enterprise-level digital presence with comprehensive content, strong branding, and a wide range of services targeting C-level executives and large enterprises. Technically, the site is built on WordPress with modern frameworks like React and Bootstrap, indicating a contemporary and scalable infrastructure. However, a critical security issue is the lack of a valid SSL certificate, which undermines the site's security posture despite the presence of several security headers. Privacy and cookie policies are well implemented, showing good compliance with GDPR and related regulations. Overall, the site is professional and trustworthy but requires immediate attention to SSL configuration to enhance security and user trust.

K

KRAL GmbH

kral.at

24

KRAL GmbH is a medium-sized Austrian company specializing in manufacturing screw pumps and flow measurement solutions primarily serving industrial sectors such as marine, power generation, chemical engineering, mechanical engineering, and oil & gas. The company maintains a professional online presence with a well-structured website powered by TYPO3 CMS, offering detailed product and service information, supported by a global network of sales and service partners. The website integrates multiple marketing and analytics tools managed through Google Tag Manager and employs a comprehensive cookie consent mechanism to comply with GDPR requirements. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the site's security posture, exposing users to potential risks and reducing trust. Security headers are partially implemented, but critical improvements are needed to align with best practices. Overall, the business demonstrates strong credibility and market positioning but requires urgent technical security enhancements to protect its digital assets and customer data.

E

Egon Zehnder International Ltd.

egonzehnder.com

40

Egon Zehnder International Ltd. operates a global organizational consulting and leadership advisory website offering a wide range of executive search and leadership development services. The company is positioned as a global leader with extensive geographic reach and a comprehensive service portfolio targeting large enterprises and organizations seeking leadership solutions. Technically, the website uses modern web technologies including Vue.js and integrates multiple analytics and marketing tools, but suffers from a critical security flaw due to the absence of a valid SSL certificate and HTTPS support. Security headers and content security policies are well implemented, but the lack of HTTPS severely impacts the security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website is professionally designed and trustworthy, but the critical SSL issue poses a significant risk that should be remediated immediately.

Ookla, LLC is a well-established enterprise in the telecommunications and technology sector, known for its network intelligence and performance measurement solutions. The website indicates that Mosaik was acquired by Ookla in 2018, integrating its wireless network intelligence and mapping products into Ookla's portfolio. The company targets enterprise customers including network operators, regulators, and hardware manufacturers, offering a broad suite of products such as Speedtest, Downdetector, and Ekahau. The market position is strong, supported by a large enterprise size and backing by parent company Ziff Davis. Technically, the website is built using the Eleventy static site generator and leverages modern JavaScript and CSS technologies. Hosting is on AWS infrastructure, and the site integrates multiple marketing and analytics tools including Google Tag Manager, HubSpot, and LinkedIn Insight Tag. The site is mobile optimized with good SEO practices, though accessibility features are basic. From a security perspective, the site implements several important HTTP security headers such as X-Frame-Options and Content Security Policy. However, the absence of a valid SSL certificate and lack of HTTPS enforcement are critical vulnerabilities that significantly reduce the security posture. No cookie consent mechanism was detected despite the use of tracking scripts, indicating partial privacy compliance. Overall, the website is professional and trustworthy in content and business credibility but requires urgent improvements in SSL/TLS configuration and privacy compliance to enhance security and user trust.

U

Università degli Studi Internazionali di Roma - UNINT

unint.eu

37

Università degli Studi Internazionali di Roma - UNINT is a large, established higher education institution based in Italy, offering a wide range of undergraduate and graduate programs with a strong international focus. The website is professionally designed, content-rich, and targets students, faculty, and academic partners. The technical infrastructure is based on WordPress with modern plugins and frameworks, though performance is somewhat slow. Security posture is basic with critical issues such as an invalid SSL certificate and lack of security headers. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is trustworthy but requires immediate attention to SSL and security configurations to enhance user trust and data protection.

Desmet is a well-established global engineering company specializing in custom plants and equipment for the food, feed, and biofuel industries. With a large workforce and multiple brands, it holds a strong market position supported by extensive experience and a professional digital presence. The website is content-rich, well-structured, and uses modern technologies, but critically lacks HTTPS/SSL, which severely impacts its security posture. While security headers are implemented, the absence of valid SSL/TLS and related configurations exposes the site to risks. Privacy compliance is partially addressed with visible privacy and cookie policies, but no explicit consent mechanism is detected. Business credibility is high due to clear branding, contact information, and WHOIS consistency. Strategic improvements in security infrastructure and incident response readiness are recommended.