Security Directory

D

Dunelm

dunelm.com

40

Dunelm is a prominent UK-based retailer specializing in homeware, furniture, and related products, offering a comprehensive e-commerce platform alongside physical stores. The website demonstrates a mature digital presence with extensive product categories, clear navigation, and strong branding. Technically, the site leverages modern technologies including React, Algolia for search, and integrates multiple third-party services for payments, analytics, and marketing. However, a critical security issue is the absence of a valid SSL certificate and HTTPS support, which severely impacts the site's security posture. While security headers are present, the lack of proper TLS configuration exposes the site to significant risks. Privacy and cookie policies are well implemented with consent mechanisms, reflecting good compliance with GDPR. Overall, the site is professional and trustworthy from a business perspective but requires urgent remediation of its SSL/TLS configuration to ensure user data protection and trust.

F

Freshfields

freshfields.com

40

Freshfields is a leading global law firm serving the world’s biggest international organizations with comprehensive legal advisory services. The firm is well-positioned in the market with elite rankings and a strong brand presence. Their website reflects a mature digital infrastructure using modern web technologies such as React and Next.js, hosted on Cloudflare with extensive use of analytics and marketing tools. However, the security posture is weakened by an invalid SSL certificate and lack of enabled TLS protocols, which poses a critical risk to secure communications. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is professional and trustworthy but requires urgent remediation of SSL/TLS issues to ensure secure client interactions.

C

CloudBees, Inc.

cloudbees.com

40

CloudBees, Inc. is a leading enterprise software company specializing in continuous integration and continuous delivery (CI/CD) solutions, primarily based on Jenkins. The company offers a comprehensive suite of DevOps tools and platforms designed to accelerate software delivery, improve developer productivity, and ensure security and compliance at scale. CloudBees holds a strong market position as the #1 Jenkins enterprise CI/CD platform provider, serving large enterprises globally with a focus on technology sectors. Their business model includes SaaS and on-premises offerings, targeting enterprise development teams and IT executives. Technically, CloudBees employs modern web technologies such as React and Next.js, hosted on AWS infrastructure with integrations to major cloud providers. The website demonstrates good digital maturity with responsive design, SEO optimization, and accessibility considerations. Marketing and analytics tools are implemented with user consent mechanisms, reflecting privacy compliance. From a security perspective, while the website implements multiple security headers and policies, a critical issue is the invalid or missing SSL certificate and disabled TLS protocols, which significantly impact the security posture. The company maintains security policies, incident response contacts, and certifications such as SOC 2 and ISO 27001, indicating a mature security framework. However, immediate remediation of SSL and TLS configurations is necessary to protect user data and maintain trust. Overall, CloudBees presents a professional and trustworthy online presence with strong business credibility and technical infrastructure. Addressing the SSL and TLS issues will elevate their security posture and align with their enterprise-grade offerings.

B

BETTERHOMES AG

betterhomes-international.com

38

BETTERHOMES AG operates as an international technology-driven real estate franchise company, pioneering a hybrid brokerage model that combines proprietary software with local market expertise. Founded in 2005 in Zurich, it holds a strong market position as the largest independent real estate broker in Switzerland and has expanded across the DACH region with plans for further international growth. The company offers franchise opportunities supported by advanced technology and a strong partner development culture. Technically, the website is built on modern frameworks including PHP 8.2, Flow Framework, and Neos CMS, with integrations of Bootstrap, FontAwesome, and various JavaScript libraries. However, the website suffers from a critical security deficiency due to the absence of a valid SSL certificate and HTTPS support, exposing users to potential risks. Privacy compliance is well addressed with comprehensive policies and cookie consent mechanisms. Overall, the site presents professional content and strong business credibility but requires urgent security improvements to protect user data and maintain trust.

U

UNTHA shredding technology GmbH

untha.com

29

UNTHA shredding technology GmbH is a well-established manufacturer specializing in industrial shredding machines for various waste and recycling applications. With over 50 years of experience and a global presence including subsidiaries in the US, the company offers tailored shredding solutions for materials such as residual wood, metal, plastics, electronic waste, and more. The website reflects a professional and comprehensive digital presence with detailed product information and customer testimonials. Technically, the site uses modern frameworks like Next.js and React, hosted on AWS CloudFront, and integrates privacy and analytics tools such as Cookiebot, Google Tag Manager, and Matomo. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security gap that significantly impacts the site's security posture. Security headers are properly configured, but the lack of TLS protocols and certificate transparency compliance are notable vulnerabilities. Overall, the site is trustworthy and business credible but requires urgent security improvements to protect user data and enhance trust.

R

Rubix

theprojectoffice.co.nz

27

Rubix is a New Zealand-based national independent project management consultancy specializing in unlocking project potential across diverse sectors including education, infrastructure, commercial, and sustainability. The company offers comprehensive services from strategic planning through to project delivery, emphasizing sustainable design and construction practices. Their market position is supported by a mature domain and a broad portfolio of projects across New Zealand. Technically, the website is built on Craft CMS and served via nginx with Cloudflare DNS. However, the absence of a valid SSL certificate and HTTPS support is a critical security shortfall. The site uses Google Tag Manager for analytics but lacks privacy and cookie policies, which impacts privacy compliance. Performance metrics indicate slow DNS resolution, and no advanced security headers or mechanisms are implemented. Security posture is weak due to missing HTTPS, lack of HSTS, and no security headers, exposing users to potential risks. The WHOIS data confirms a consistent and legitimate registration with a mature domain age, though the lack of domain protection locks is noted. Contact information is comprehensive with multiple regional offices, enhancing business credibility. Overall, the website demonstrates good business and content quality but requires urgent security improvements to protect users and enhance trust. Privacy compliance is minimal, and adding policies and consent mechanisms is recommended.

F

Flex

flex.com

40

Flex is a global enterprise specializing in advanced manufacturing and end-to-end supply chain solutions. The company offers a broad range of services including design and engineering, supply chain management, advanced manufacturing, post production, and post sale services. With a strong global footprint and multiple subsidiaries, Flex positions itself as a leader in manufacturing innovation and operational efficiency. The website reflects a professional and comprehensive digital presence, targeting businesses requiring scalable manufacturing and supply chain solutions. Technically, the website is built on WordPress and hosted on Pantheon, utilizing modern web technologies such as jQuery, Google Tag Manager, and New Relic for monitoring. The site is well-optimized for SEO and mobile responsiveness, providing a good user experience. However, performance metrics are moderate, and there is room for improvement in loading speed. From a security perspective, the site has several HTTP security headers configured, including HSTS and CSP in report-only mode. Unfortunately, the SSL certificate is invalid or missing, and no TLS protocols are enabled, which significantly weakens the security posture. No direct contact emails or phone numbers are publicly listed, but contact forms are available. Privacy and cookie policies are present and indicate GDPR compliance. Overall, while the business credibility and content quality are high, the lack of proper SSL/TLS configuration is a critical security concern that should be addressed promptly to protect user data and maintain trust.

E

Eurocom Translation Services GmbH

eurocom.at

27

Eurocom Translation Services GmbH is a well-established B2B translation and language service provider based in Austria, with over 30 years of experience and a strong market presence in the DACH region. The company offers a comprehensive suite of services including technical and marketing translations, terminology management, quality management, and language managed services such as Global SEO and machine translation. Eurocom is part of the Kaleidoscope Group, which enhances its technological capabilities and market reach. The website reflects a professional and content-rich digital presence, targeting export-oriented businesses seeking multilingual content solutions. Technically, the site is built on WordPress with modern plugins and tools, but suffers from a critical security shortfall due to the absence of a valid SSL certificate, resulting in no HTTPS support. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. The security posture is basic, lacking important security headers and DNS security features. Overall, Eurocom demonstrates strong business credibility and digital maturity but must urgently address its SSL/TLS configuration to improve security and trustworthiness.

Tommy Hilfiger is a globally recognized fashion brand offering a wide range of apparel and accessories for men, women, and children through its official online shop. The website targets fashion-conscious consumers and provides a comprehensive e-commerce platform with seasonal collections, sales, and a membership program. The technical infrastructure leverages modern web technologies including Next.js, React, and Contentstack CMS, supported by a robust CDN via Akamai and integrated with multiple third-party services for analytics, marketing, and payment processing. Despite strong security header implementations, the absence of a valid SSL certificate and lack of HTTPS significantly undermines the security posture of the site. Privacy and cookie policies are well documented and indicate GDPR compliance. Overall, the website demonstrates a high level of professionalism and business credibility but requires urgent attention to its SSL configuration to ensure secure user interactions.

M

Montanuniversität Leoben

mu-leoben.at

33

Montanuniversität Leoben is a well-established technical university in Austria specializing in sustainable technologies and circular engineering. The website reflects a strong academic and research focus with comprehensive educational offerings and active international partnerships. Technically, the site uses TYPO3 CMS with modern frontend libraries but lacks a valid SSL certificate, which is a critical security concern. The security posture is weak due to missing HTTPS and incomplete security headers, though privacy compliance is well addressed with cookie consent and GDPR-aligned policies. Overall, the site is professional and trustworthy but requires urgent improvements in security infrastructure to protect user data and enhance trust.

A

AICHELIN Holding GmbH

aichelin.com

40

AICHELIN Holding GmbH is a leading industrial manufacturing company specializing in heat treatment solutions for metallic parts and components. The company offers a broad portfolio including industrial furnace systems, industrial burner systems, vacuum furnaces, and battery materials, supported by comprehensive global service offerings. Their website reflects a professional B2B focus targeting industrial clients and equipment manufacturers. Technically, the site uses modern JavaScript libraries, Bootstrap framework, and integrates consent management and Google Tag Manager for analytics and privacy compliance. However, the SSL/TLS configuration is critically flawed with an invalid certificate and no enabled TLS protocols, posing a significant security risk. Security headers are well implemented, but the lack of valid HTTPS severely impacts the security posture. Privacy policies and cookie consent mechanisms are present and GDPR compliant. WHOIS data confirms the legitimacy and consistency of the domain registration with the business identity. Overall, the website is content-rich and professionally presented but requires urgent remediation of its SSL/TLS configuration to ensure secure user interactions and trust.

A

Amgen Inc.

amgen.com

40

Amgen Inc. is a leading global biotechnology company focused on developing innovative biologic medicines to treat serious illnesses. The website reflects a mature enterprise with comprehensive content covering its science, products, corporate responsibility, and investor relations. The target audience includes healthcare professionals, patients, investors, and partners. The business model centers on research, development, manufacturing, and delivery of biologic therapeutics, positioning Amgen as a pioneer in biotechnology with a strong market presence. Technically, the website employs modern JavaScript libraries such as jQuery and Slick Carousel, uses lazy loading for images, and integrates Google Tag Manager and Cookiebot for analytics and privacy compliance. Hosting is via Amazon CloudFront CDN, supporting global content delivery. The site is mobile optimized with good SEO and accessibility basics, though some accessibility features could be enhanced. From a security perspective, the site implements several security headers including Content Security Policy and X-Frame-Options. However, a critical issue is the absence of a valid SSL certificate and HTTPS support, which severely impacts the security posture. No TLS protocols are enabled, and HSTS is not properly configured. These gaps expose users to potential risks and undermine trust. Overall, the website is professionally designed and content-rich, but the lack of HTTPS and valid SSL certificate is a major security concern. Strategic improvements in SSL/TLS deployment and enhanced security configurations are essential to protect user data and maintain trust. Privacy compliance is well addressed with Cookiebot and clear privacy and cookie policies. Business credibility is high, supported by consistent branding and comprehensive corporate information.

W

Wienerberger AG

wienerberger.com

39

Wienerberger AG is a leading global manufacturer and supplier of building materials, specializing in bricks, clay roof tiles, pipe systems, and surface pavings. The company holds a strong market position as the world's largest brick producer and a market leader in Europe for clay roof tiles and infrastructure solutions. The website reflects a mature and professional digital presence with comprehensive content targeting investors, customers, and job seekers. Technically, the site is built on Adobe Experience Manager and uses modern web technologies, but critically lacks HTTPS/SSL encryption, exposing users to security risks. Security headers are partially implemented, but the absence of SSL/TLS significantly lowers the security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site demonstrates high business credibility and content quality but requires urgent security improvements to protect user data and maintain trust.

Tungsten Automation Corporation, formerly known as Kofax, is a leading enterprise technology provider specializing in AI-powered workflow automation solutions. The company offers a broad portfolio of products including document and workflow automation, accounts payable and receivable automation, print and workplace automation, and PDF and eSignature solutions. Positioned as a market leader, Tungsten Automation is recognized by industry analysts such as Everest Group and IDC for its intelligent document processing capabilities. The company targets global enterprises seeking to streamline complex, data-intensive business processes and improve operational efficiency through AI and automation technologies. Technically, the website is built on a modern stack including Sitecore CMS, jQuery, and integrates multiple marketing and analytics tools such as Google Analytics, Visual Website Optimizer, and Eloqua. Hosting appears to be on Microsoft Azure. While the site demonstrates excellent content quality, branding consistency, and user experience, it suffers from critical security shortcomings, notably the absence of a valid SSL certificate and lack of HTTPS support, which severely impacts its security posture. Privacy policies and cookie consent mechanisms are present and GDPR compliant, supporting good privacy compliance. Overall, the site reflects a mature enterprise digital presence but urgently requires remediation of its SSL/TLS configuration to meet basic security standards.

G

Getzner Textil AG

getzner.at

40

Getzner Textil AG is a well-established Austrian textile manufacturer with a history dating back to 1818. The company specializes in high-quality fashion fabrics, corporate fashion textiles, personal protective equipment, sports equipment textiles, and industrial textiles, emphasizing innovation and sustainability. Their market position is strong within Europe, serving a diverse clientele including fashion designers, garment makers, and industrial users. The website reflects a mature digital presence with comprehensive content, clear navigation, and professional design. Technically, the site uses modern JavaScript libraries, Google Tag Manager, and Matomo Analytics, hosted behind Fastly CDN and Varnish cache. However, a critical security gap exists as the site lacks a valid SSL/TLS certificate, resulting in no HTTPS support, which severely impacts security posture. Privacy and cookie policies are well implemented with consent mechanisms, and the company maintains active social media channels. Overall, the domain registration and DNS data align with the company's claims, indicating legitimacy and trustworthiness.

The Australian Government Department of Foreign Affairs and Trade (DFAT) operates as the primary government agency responsible for managing Australia's international relations, trade, and diplomatic efforts. The website serves as an authoritative source of information for Australian citizens, international partners, businesses, and travelers, providing comprehensive content on foreign affairs, trade agreements, development programs, consular services, and travel advice. The site is well-branded, professionally designed, and consistent with government standards, reflecting its enterprise-level stature within the government sector. Technically, the website is built on Drupal 10 and hosted on GovCMS, a platform tailored for Australian government entities. It integrates modern tools such as Google Tag Manager and ReadSpeaker for analytics and accessibility. The site demonstrates good mobile optimization, accessibility, and SEO practices. However, performance metrics are unavailable, and some technical debt is evident in the lack of a valid SSL certificate and disabled TLS protocols, which critically impact security posture. From a security perspective, the absence of a valid SSL certificate and TLS support is a significant vulnerability, exposing users to potential data interception and undermining trust. While security headers like X-Content-Type-Options and X-Frame-Options are correctly implemented, the lack of HTTPS and session security mechanisms lowers the overall security score. Privacy compliance is partial, with a comprehensive privacy policy present but no cookie consent mechanism despite the use of tracking scripts. Contact information is clearly provided, enhancing business credibility. Overall, the website is a high-quality government portal with excellent content and user experience but suffers from critical security shortcomings that must be addressed urgently to protect users and maintain trust. Strategic improvements in SSL/TLS deployment, privacy compliance, and security best practices are recommended to elevate the site's security posture and compliance standards.

A

agru Kunststofftechnik GmbH

agru.at

37

AGRU Kunststofftechnik GmbH is a well-established Austrian manufacturer specializing in high-quality plastic piping systems and related products for industrial sectors such as energy, construction, and infrastructure. The company has a strong market position as a single-source supplier with a focus on innovation, quality, and employee orientation. Their website reflects a professional business presence with comprehensive product and market information, supported by active social media channels and a GDPR-compliant privacy framework. Technically, the site is built on TYPO3 CMS with modern frontend technologies but suffers from a critical lack of HTTPS, severely impacting security and trust. The absence of SSL/TLS encryption exposes users to risks and reduces the overall security posture. Privacy compliance is well addressed through cookie consent and a detailed privacy policy. However, direct contact information like emails or phone numbers is not explicitly provided, relying mainly on forms. Overall, the site is functional and informative but requires urgent security improvements to meet modern standards.

C

Coloplast Group

coloplast.com

40

Coloplast is a mature, enterprise-level healthcare company headquartered in Denmark, specializing in intimate healthcare solutions such as ostomy, continence, bowel, wound, urology, and respiratory care. The company operates globally with a presence in over 100 countries and serves more than 2 million people annually. Their website reflects a professional and comprehensive digital presence, targeting healthcare professionals, patients, investors, and job seekers. Technically, the site uses modern JavaScript frameworks, Episerver CMS, and integrates multiple third-party services including Salesforce, Stripe, and Cookiebot. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts the site's security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Business credibility is high, supported by detailed investor relations and sustainability information. Overall, the site is professionally designed and trustworthy but requires urgent security improvements.

J

Josef Manner & Comp AG

manner.com

38

Josef Manner & Comp AG operates the website manner.com, a well-established Austrian confectionery brand specializing in Viennese wafer specialties since 1890. The website showcases a comprehensive product range, including wafers, baking products, gingerbread, and merchandise, targeting consumers interested in traditional confectionery. The brand maintains a consistent and professional online presence with rich content, social media integration, and e-commerce capabilities. Technically, the site uses modern technologies such as Vue.js, Algolia search, and Cookiebot for consent management, hosted likely on DigitalOcean. However, the security posture is weak due to the absence of a valid SSL certificate and lack of HTTPS, which is a critical issue that undermines user trust and data protection. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR consent mechanisms. Overall, the website is professional and credible but requires urgent security improvements to meet modern standards.

M

Moody’s Analytics Austria GmbH

kompany.com

40

kompany is a specialized provider of real-time official company information and compliance solutions, operating as a Moody’s Analytics Austria GmbH subsidiary. The company offers services such as KYC, KYB, AML, and UBO compliance tools, credit and register reports, and entity verification across over 115 million companies globally. Their market position is strong due to Moody’s backing, targeting businesses requiring robust compliance and risk management data. Technically, the website uses modern JavaScript frameworks, Google Analytics 4, and Cloudflare for hosting and CDN services, but lacks a valid SSL certificate, which is a critical security gap. Security headers are partially implemented, but the absence of HTTPS and TLS protocols significantly reduces the security posture. Privacy and cookie policies are comprehensive and GDPR compliant, with consent mechanisms in place. Overall, kompany presents a professional and trustworthy business front with room for critical security improvements.

N

Novellini S.p.A

novellini.com

28

Novellini S.p.A is a well-established Italian manufacturer specializing in bathroom products such as shower cubicles, whirlpool baths, and shower trays. The company maintains a strong international presence with localized websites for many countries, targeting consumers and businesses in the bathroom fixtures market. The website is professionally designed using Adobe Experience Manager CMS and includes modern JavaScript libraries and Google Tag Manager for analytics. However, the site lacks HTTPS, which is a critical security vulnerability, and does not provide visible privacy or cookie policies, impacting privacy compliance. Social media presence is active and official, enhancing brand trust. Overall, the website demonstrates good business credibility but requires urgent security improvements.

I

Incentage AG

incentage.com

25

Incentage AG is a Swiss-based software company specializing in innovative financial technology solutions for banking and financial institutions. Their offerings include modular platforms for payment processing, securities transactions, innovation acceleration, and risk management with cyber protection. The company positions itself as a pioneer in accelerating financial innovation with a focus on flexibility and end-to-end security. The website reflects a professional and consistent brand image targeting financial sector clients. Technically, the site uses modern web technologies including Webflow CMS, jQuery, Weglot for translations, and Google Tag Manager for analytics. Hosting is via Cloudflare, but a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts the security posture. Privacy compliance is well addressed with cookie consent mechanisms and a privacy policy, though no explicit security policy or incident response contacts are found. Overall, the domain registration data aligns well with the business claims, supporting legitimacy. Strategic improvements in SSL/TLS deployment and enhanced security practices are recommended to strengthen trust and compliance.

Z

Zeus Petruzalek

petruzalek.com

26

Zeus Petruzalek is a well-established B2B manufacturer and distributor specializing in food packaging products and packaging machines. As part of the Zeus Group, it operates across multiple countries with a strong market presence in the manufacturing sector. The website demonstrates a professional and comprehensive digital presence with multilingual support and extensive product catalogs. Technically, the site is built on WordPress with WooCommerce and uses modern plugins and analytics tools, though performance metrics are not optimal. Security posture is weak due to the absence of a valid SSL certificate and HTTPS, exposing the site to risks and reducing trust. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is credible and professional but requires urgent security improvements to protect user data and enhance trust.

M

Mundipharma International Limited

mundipharma.com

40

Mundipharma International Limited operates a global healthcare website focused on pharmaceutical and consumer health products with a strong patient-centric approach. The website targets healthcare professionals, patients, and partners, providing corporate information, career opportunities, and media resources. The digital infrastructure is built on Drupal CMS with integrations including Google Analytics, Hotjar, and various marketing and tracking tools, hosted behind Cloudflare CDN. While the website content is professionally presented with good navigation and mobile optimization, the security posture is weakened by an invalid SSL certificate and lack of TLS protocol support, which are critical issues that must be addressed to ensure secure communications and user trust. Privacy and cookie policies are comprehensive and GDPR compliant, but no explicit security policy or incident response information is publicly available. Overall, the website is credible and professionally maintained but requires urgent SSL/TLS remediation to improve security and trust.

W

WAFF

waff.com

40

WAFF is a well-established local media company serving Huntsville, Alabama, providing comprehensive news, weather, and sports coverage. The website demonstrates a strong digital presence with rich content, video integration, and community engagement features. The technical infrastructure leverages modern web technologies and Arc Publishing CMS, ensuring good performance and mobile optimization. However, the absence of a valid SSL certificate and HTTPS support significantly impacts the security posture, exposing users to potential risks. Privacy policies and terms of service are well documented, indicating compliance awareness, though cookie consent mechanisms are lacking. Overall, WAFF presents a professional and trustworthy media outlet with room for security enhancements.

M

MM Group

mm-packaging.com

40

MM Packaging, a division of MM Group, is a leading global manufacturer of consumer packaging solutions specializing in pharmaceuticals, food, beauty, and consumer goods sectors. The company operates a network of 56 packaging sites worldwide, emphasizing innovation and sustainability in its product offerings. The website reflects a mature digital presence with comprehensive content, multilingual support, and strong branding consistent with an enterprise-level organization. Technically, the site is built on WordPress with modern marketing and analytics integrations, but suffers from a critical lack of a valid SSL certificate and modern TLS support, which significantly impacts its security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the business credibility and content quality are high, but the security deficiencies pose a risk to user trust and data protection.

T

The United Nations in Vienna

unvienna.org

36

The United Nations in Vienna website serves as the official digital presence of the UN's Vienna-based offices and agencies. It provides comprehensive information about the UN family in Vienna, their initiatives, sustainable development goals, and visitor information. The site targets a broad audience including diplomats, researchers, media, and the general public interested in UN activities. The business model is informational and public service-oriented, reflecting the UN's governmental and non-profit nature. The website is well-branded, consistent, and authoritative in its domain space. Technically, the site uses a combination of AngularJS and React frameworks, served via Apache, with integration of Google Tag Manager for analytics. The site is mobile optimized and has good navigation and content quality. However, performance metrics are unavailable, and accessibility is basic. SEO is moderately implemented with proper meta tags and Open Graph data. From a security perspective, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical vulnerability. While some security headers are present, the absence of TLS protocols, cipher suites, DMARC, DNSSEC, and CAA records indicates a weak security posture. No incident response or vulnerability disclosure information is publicly available. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism despite tracking scripts. Overall, the website is trustworthy and credible given its UN affiliation and mature domain. However, the lack of HTTPS and modern security practices significantly lowers its security score and poses risks to users. Strategic improvements in SSL deployment, email security, and privacy compliance are recommended to enhance trust and security.

S

Skyliner Automatisering B.V.

skyliner.nl

36

Skyliner Automatisering B.V. is a mature Dutch ICT service provider established in 1999, offering a broad range of ICT solutions including system management, cloud services, VoIP, software development, and security services. The company targets businesses and organizations in the Netherlands seeking reliable and comprehensive ICT support. Their market position is supported by long domain tenure, recognized certifications, and positive customer testimonials. Technically, the website is built on WordPress with modern plugins and scripts, but suffers from a lack of proper SSL/TLS configuration, impacting security posture. The site is well structured with good SEO and mobile optimization, though performance metrics indicate slow loading. Security-wise, the absence of HTTPS and security headers are critical issues, though no active vulnerabilities or WAF blocking were detected. Privacy compliance is well addressed with clear policies and cookie consent mechanisms. Overall, the website reflects a credible and professional ICT business but requires urgent improvements in SSL security to enhance trust and compliance.

D

DS Smith

dssmith.com

40

DS Smith is a leading international manufacturer specializing in sustainable packaging solutions, paper products, and recycling services. The company positions itself as a global leader in sustainability within the packaging industry, targeting businesses seeking eco-friendly and innovative packaging and recycling options. The website reflects a mature digital presence with comprehensive content, multi-language support, and strong branding consistency. Technically, the site uses modern web technologies including React, Google Tag Manager, Google Analytics, and Microsoft Application Insights, hosted behind Cloudflare for performance and security. However, the SSL certificate is currently invalid or missing, which undermines the security posture. The site implements strong security headers and content security policies but has a notable subdomain takeover vulnerability on shop.dssmith.com. Privacy and cookie policies are present with consent mechanisms, indicating good GDPR compliance. Contact information is primarily via forms and physical address, with no explicit emails or phone numbers on the homepage. Social media presence is robust and consistent with corporate branding.

T

Tranter Inc.

tranter.com

38

Tranter Inc. is a global manufacturer specializing in advanced gasketed and welded plate heat exchangers, serving diverse industrial sectors such as energy, marine, HVAC, and manufacturing. The company emphasizes innovation, quality, and sustainability, supported by a global service network and a strong digital presence powered by HubSpot CMS and marketing tools. Their website offers comprehensive product information, customer stories, and resource materials tailored to industrial clients worldwide. Technically, the website is built on a modern CMS platform with integration of analytics and marketing technologies like Google Tag Manager and Cookiebot for privacy compliance. The site is well-structured, mobile-optimized, and professionally designed, providing a good user experience and clear navigation. However, the security posture is critically weak due to the absence of a valid SSL certificate and lack of HTTPS support, exposing visitors to potential risks. While security headers are partially implemented, the lack of TLS protocols and cipher suites significantly undermines the site's security. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site presents a professional and credible business front but requires urgent remediation of its SSL/TLS configuration to ensure secure communications and protect user data. Strategic improvements in security and incident response readiness are recommended to enhance trust and compliance.

B

BWT Holding GmbH

christaqua.com

36

BWT Holding GmbH operates a professional and content-rich website focused on providing ultra-pure water solutions for the pharmaceutical, biotech, and cosmetics industries. The company positions itself as a market leader with a comprehensive product and service portfolio including purified water generation, water for injection, pure steam, and automation solutions. The website demonstrates strong branding consistency, excellent content quality, and clear navigation targeting a B2B audience in healthcare. Technically, the site uses Microsoft IIS, JavaScript libraries, Google Tag Manager, and Cookiebot for consent management, with Sitecore CMS inferred. However, the site lacks a valid SSL certificate and HTTPS support, which is a critical security vulnerability. Privacy policies and cookie consent mechanisms are well implemented, supporting GDPR compliance. Contact information is primarily via a contact form, with no explicit emails or phone numbers found. Overall, the website is professional and trustworthy but requires urgent security improvements to protect user data and ensure secure communications.

H

HumanWare

humanware.com

40

HumanWare is a globally recognized leader in assistive technology for people who are blind or have low vision, offering a wide range of products including electronic magnifiers, braille devices, and software solutions. The company operates under the parent company EssilorLuxottica and serves a diverse audience including students, workers, veterans, and eye care professionals. Their website is professionally designed with rich content and multilingual support, reflecting a mature digital presence. Technically, the site is built on WordPress with Elementor and integrates modern marketing and analytics tools such as Google Analytics and Facebook Pixel. However, a critical security weakness is the absence of a valid SSL certificate and HTTPS configuration, which significantly impacts the site's security posture. Privacy compliance is well addressed with a cookie consent mechanism and a comprehensive privacy policy. Overall, the business credibility and content quality are high, but urgent improvements in SSL/TLS security are recommended.

S

St. Anna Kinderspital

stanna.at

29

St. Anna Kinderspital is a well-established pediatric hospital located in Vienna, Austria, providing comprehensive medical care for children and adolescents. The website reflects a strong commitment to patient care and family support, offering detailed information about medical departments, services, and patient guidance. The institution operates as a non-profit entity supported by donations, with clear calls to action for donations and career opportunities. Technically, the website is built on WordPress with modern plugins for SEO, multilingual support, and cookie management, but lacks HTTPS which is a critical security shortfall. Security headers are partially implemented, but the absence of SSL/TLS and modern TLS protocols significantly weakens the security posture. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the site is professional and trustworthy but urgently needs to implement HTTPS to protect user data and improve security.

C

CyberTrap Software GmbH

cybertrap.com

40

CyberTrap Software GmbH is a cybersecurity company specializing in deception technology to proactively detect, deceive, trap, and learn from cyber attackers. Positioned as a sophisticated provider with global accreditations, CyberTrap targets organizations seeking advanced threat detection solutions. The website is built on HubSpot CMS with integrated marketing and analytics tools, demonstrating a moderate level of digital maturity. However, the absence of HTTPS/SSL is a critical security vulnerability that undermines the security posture. While privacy policies and cookie consent mechanisms are in place and GDPR compliant, the lack of secure transport protocols poses significant risk. Overall, CyberTrap presents a professional and trustworthy business front but must urgently address SSL implementation to improve security and trust.

Salzburg AG operates a comprehensive utility and telecommunications service platform primarily serving the Salzburg region in Austria. The company offers high-speed internet services under the CableLink brand, including fiber and wireless options, alongside TV and telephony services. It also provides energy supply and transportation services, positioning itself as a regional market leader with a large operational footprint. The website reflects a mature digital presence with extensive content, clear navigation, and multiple customer engagement channels. Technically, the site uses modern web technologies and analytics tools, though it currently lacks a valid SSL certificate, which impacts its security posture. Privacy compliance is well managed with a comprehensive privacy policy and cookie consent mechanism. Overall, the site is professional and trustworthy but should address SSL issues to enhance security and user trust.

S

SmartStream Technologies ltd.

smartstream-stp.com

40

SmartStream Technologies ltd. is a well-established leader in financial data solutions, serving banks, capital markets, buy-side firms, and corporations. Their offerings focus on operational control, cost reduction, risk mitigation, regulatory compliance, and new revenue streams. The company maintains a strong market position with a comprehensive portfolio of services including data transformation, regulatory alignment, managed services, and innovation labs. The website reflects a professional and consistent brand image targeting financial institutions and related sectors. Technically, the website is built on WordPress using Elementor and Slider Revolution, hosted behind Cloudflare for security and performance. It integrates multiple marketing and analytics tools such as Google Analytics 4, Google Tag Manager, Pardot, LinkedIn Insight Tag, and various media embedding services. Mobile optimization and SEO practices are good, though accessibility is basic. Security posture is weakened by the absence of a valid SSL certificate and lack of HTTPS enforcement, despite Cloudflare protection and Wordfence plugin usage. Security headers are present but could be enhanced with HSTS and OCSP stapling. Privacy compliance is strong with clear GDPR-aligned policies, cookie consent mechanisms, and a data protection officer contact. Overall, the website presents a credible and professional front for SmartStream Technologies but requires urgent SSL/TLS remediation to improve security and trustworthiness. Strategic recommendations include SSL installation, enhanced security headers, and continuous monitoring of third-party integrations.

Q

Quantum Momentum Services

quantummomentum.net

39

Quantum Momentum Services is a small Australian-based business specializing in personal mentoring, coaching, spiritual healing, and business consulting services. The company offers individual mentoring, virtual assistance, and business consulting, targeting individuals and businesses seeking personal development and holistic support. The website is built on the GoDaddy Website Builder platform and integrates PayPal for payment processing. While the site presents relevant and well-structured content with clear contact information and social media presence, it lacks a valid SSL certificate, which significantly impacts its security posture. Basic privacy and terms of service documents are available, but cookie consent mechanisms and security policies are minimal or absent. Overall, the business appears legitimate and consistent with its domain registration data, but improvements in security and privacy compliance are recommended.

Leapwise is a medium-sized software development company based in Croatia, specializing in custom software solutions, system integration, and dedicated development teams primarily targeting enterprise clients in technology, telecommunications, cybersecurity, and IoT sectors. The company positions itself as a trusted partner delivering scalable, modular, and maintainable software with a strong emphasis on quality and long-term client success. The website reflects a high level of professionalism with rich content, client testimonials, and industry certifications, supporting its market credibility. Technically, the website is built on WordPress with modern plugins for SEO, caching, and analytics. However, the absence of a valid SSL/TLS certificate and HTTPS support is a significant security shortfall, exposing users to potential risks and undermining trust. Performance metrics are not available, but the use of caching and lazy loading suggests some optimization efforts. The site is mobile-optimized and accessible with good SEO practices. Security posture is weak due to lack of HTTPS and minimal security headers. No explicit security or incident response policies are published, which could be a concern for enterprise clients. Privacy compliance is supported by a comprehensive privacy policy and cookie consent mechanism, indicating awareness of GDPR requirements. Contact information is available primarily via forms and a physical address, but no direct company emails or phone numbers are listed. Overall, Leapwise demonstrates strong business credibility and digital maturity but must urgently address its SSL/TLS implementation to improve security and trustworthiness. Strategic recommendations include implementing HTTPS, enhancing security headers, and publishing security policies to align with enterprise client expectations.

RHI Magnesita is a global leader in the refractory industry, providing high-grade refractory products, systems, and services primarily for steel, cement, glass, and non-ferrous metals industries. The company emphasizes sustainability and innovation, targeting industrial clients worldwide. The website reflects a mature digital presence with comprehensive content, structured data, and multi-language support. Technically, the site is built on WordPress with modern plugins and libraries, but suffers from critical security shortcomings due to an invalid SSL certificate and lack of HTTPS enforcement. Security headers are present but insufficient without proper TLS. Privacy compliance is well addressed with Cookiebot consent management and a detailed privacy policy. Overall, the site is professional and trustworthy but requires urgent SSL remediation to improve security posture and user trust.

X

Xerox Corporation

xerox.com

38

Xerox Corporation is a globally recognized enterprise specializing in workplace solutions, document management, and digital printing technologies. The company serves a broad range of industries including education, legal, financial services, healthcare, government, and retail, offering products such as printers, multifunction devices, digital presses, software, and managed print services. The website reflects a mature digital presence with comprehensive content, clear navigation, and consistent branding, targeting business customers and partners worldwide. Technically, the website employs modern JavaScript frameworks and analytics tools such as New Relic, Google Tag Manager, and Adobe Launch, hosted likely on Microsoft Azure infrastructure. The site is mobile-optimized and accessible, with good SEO practices. However, a critical security gap is the absence of HTTPS/SSL on the main domain, exposing users to potential risks and undermining trust. Security posture is weak due to lack of SSL/TLS and missing security headers like HSTS, though some content security policies are in place. Privacy compliance is strong with clear privacy and cookie policies and consent mechanisms. Business credibility is high, supported by extensive corporate information, partner programs, and trust signals. Overall, the site is professionally designed and content-rich but requires urgent security improvements to enable HTTPS and strengthen SSL configurations to protect users and maintain enterprise trust.

T

Taideyliopisto

uniarts.fi

29

Taideyliopisto is a leading Finnish arts university formed in 2013 by merging three major arts academies. It offers top-level education in music, visual arts, performing arts, and writing, with a strong emphasis on research and continuous learning. The university holds a notable global position in music education, reflected in its QS ranking. The website is professionally designed, multilingual, and rich in content, targeting students, researchers, and the arts community. Technically, the site runs on WordPress hosted on DigitalOcean with modern JavaScript libraries and analytics tools, though performance metrics are not optimal. Security posture is weak due to the absence of a valid SSL certificate and lack of HTTPS enforcement, exposing users to potential risks. Privacy compliance is strong with clear GDPR-aligned policies and cookie consent mechanisms. Overall, the site is credible and trustworthy but requires urgent security improvements.

R

Rydges Wholesale Foods

rydgeswholesale.com.au

24

Rydges Wholesale Foods is a Queensland-based wholesale food supplier specializing in fresh, high-quality bulk food supplies for a variety of food service businesses including restaurants, cafés, supermarkets, and catering companies. The company positions itself as a reliable partner offering competitive pricing, extensive product ranges, and tailored delivery solutions. Their website reflects a professional and consistent brand presence with clear contact information and customer testimonials, supported by certifications such as HACCP and Safe Food Queensland. Technically, the site is built on WordPress with WooCommerce, leveraging LiteSpeed server technology and caching for performance. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security gap, exposing users to potential risks. The site uses Google Analytics and Tag Manager for tracking but lacks a cookie consent mechanism, which may impact privacy compliance. Overall, the business appears legitimate and well-established locally, but urgent security improvements are needed to protect customer data and enhance trust.

Raiffeisen Bank International AG operates as a leading business bank in Austria and Central and Eastern Europe, offering a broad range of financial services including corporate banking, investor relations, and sustainability-focused products. The website targets investors, corporate and institutional clients, job seekers, and private customers, reflecting a mature and comprehensive business model with a strong market position. Technically, the site is built on Adobe Experience Manager with Vue.js components, leveraging modern analytics and marketing tools such as Mouseflow, Google Tag Manager, and hCaptcha. However, a critical security weakness is present due to an invalid SSL certificate and lack of TLS protocol support, which undermines the otherwise strong security headers and policies implemented. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site is professional, content-rich, and trustworthy but requires urgent remediation of SSL and TLS issues to ensure secure user interactions.

A

at-visions GmbH

at-visions.com

35

at-visions GmbH is a medium-sized Austrian company specializing in hospitality technology solutions including mobile apps, hotel TV, professional WIFI, and digital signage. The company targets hotels and hospitality businesses, offering integrated guest experience platforms and IT consulting services. Their website demonstrates a strong market position with numerous reputable hotel clients and technology partners. Technically, the website is built on WordPress with modern frameworks and includes accessibility and SEO optimizations. However, the absence of a valid SSL certificate and lack of modern TLS protocols represent critical security weaknesses. Privacy compliance is well addressed with clear privacy and cookie policies. Overall, the business appears credible and professional, but urgent improvements in security infrastructure are recommended.

U

UNIQA Group

uniqagroup.com

40

UNIQA Group is a large Austrian insurance and financial services provider with a strong market presence and a public listing since 1990. The website targets investors, customers, suppliers, and job seekers, offering comprehensive information on insurance products, investor relations, sustainability initiatives, and career opportunities. The content is professionally presented with consistent branding and good quality. Technically, the website uses Apache server technology and integrates modern marketing and analytics tools such as Adobe DTM, Google Tag Manager, and Dynatrace. However, it lacks SSL/TLS encryption, which is a critical security gap. Security headers are well implemented, but the absence of HTTPS significantly reduces the security posture. Privacy and cookie policies are comprehensive and GDPR compliant, supporting good privacy practices. Overall, the website is trustworthy and professional but requires urgent security improvements to enable HTTPS and strengthen SSL/TLS configurations.

T

TGW Logistics GmbH

tgw-group.com

38

TGW Logistics GmbH is a foundation-owned global leader in warehouse automation and logistics solutions headquartered in Austria. The company offers comprehensive end-to-end automated systems, software, and services tailored to industries such as fashion, grocery, industrial goods, and consumer goods. With over 4,500 employees worldwide and a strong market presence, TGW Logistics supports business growth through innovative technology and customer-centric solutions. The website reflects a professional and consistent brand image with extensive customer success stories and detailed service offerings. Technically, the site is built on TYPO3 CMS with responsive design and uses Google Tag Manager for analytics. However, the absence of a valid SSL certificate and lack of security headers significantly weaken the security posture. Privacy policies and cookie consent mechanisms are present, indicating basic GDPR compliance. Overall, the site is content-rich and credible but requires urgent improvements in security infrastructure to protect user data and enhance trust.

Silicon Austria Labs GmbH is a leading Austrian research center specializing in electronics-based systems, focusing on innovative technologies for a sustainable, smart, and connected future. The organization operates multiple locations in Austria and offers research projects, cooperation models, and R&D services, positioning itself as a key player in the technology research sector. The website reflects a professional and consistent brand image with clear communication of services and partnership opportunities. Technically, the site is built on TYPO3 CMS and integrates modern marketing and analytics tools such as Google Tag Manager and LinkedIn Insight Tag. However, the absence of HTTPS/SSL is a critical security flaw that undermines the site's security posture. Security headers are partially implemented, but the lack of encryption exposes users to risks. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and clear privacy policy. Business credibility is supported by certifications and transparent contact information. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

B

Bergner Group

bergnerhome.com

36

Bergner Group is a well-established homeware solutions provider founded in 1999, offering a broad range of kitchenware and home products under multiple brands. The company targets consumers and retail partners globally, emphasizing innovation, quality, and comprehensive business support services. The website reflects a professional and consistent brand image with strong content relevance and user experience. Technically, the site uses modern JavaScript libraries and tracking tools but lacks a valid SSL certificate, which significantly impacts its security posture. Privacy and cookie policies are present and GDPR compliant, but direct contact details like emails or phone numbers are not explicitly provided. The WHOIS data aligns well with the business claims, supporting domain legitimacy. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

P

panagenda

panagenda.com

40

panagenda is a technology company specializing in analysis and optimization of IT collaboration landscapes, focusing on Microsoft 365 and HCL Notes/Domino environments. Their offerings include software products like OfficeExpert TrueDEM and MarvelClient, alongside consulting and diagnostic services aimed at improving digital experience and reducing operational costs. The company targets IT professionals and enterprises seeking enhanced collaboration and user experience monitoring solutions. Technically, the website is built on WordPress with a modern tech stack including PHP 8, Apache, and various analytics and marketing tools. SEO and content quality are good, with structured data and comprehensive resource hubs. However, the security posture is weak due to the absence of a valid SSL certificate and disabled TLS protocols, which critically undermines secure communications. Privacy compliance is well addressed with GDPR-aligned policies and consent mechanisms. Overall, the site is professional and trustworthy but requires urgent security improvements to protect user data and maintain credibility.

A

Aldine ISD

aldineisd.org

37

Aldine ISD is a large, mature public school district based in Houston, Texas, providing a wide range of educational services and resources to students, parents, employees, and the community. The website is professionally designed with clear navigation, comprehensive content, and strong branding consistency. It serves as a central hub for district news, academic programs, employment opportunities, and community engagement. Technically, the site is built on WordPress with modern libraries and plugins, hosted on a reputable platform (WP Engine) and uses Cloudflare for CDN and caching. However, the absence of a valid SSL certificate and HTTPS support is a critical security concern that significantly impacts the site's security posture. Privacy compliance is basic, with a privacy policy present but no visible cookie consent mechanism. Overall, the site is trustworthy and authoritative but requires urgent security improvements.