Security Directory

I

Intermarket Bank AG

intermarket.at

0

Intermarket Bank AG is a specialized financial institution under the Erste Group umbrella, focusing on factoring and supply-chain finance solutions primarily for small to medium enterprises in Austria and the CEE region. The website presents a professional and consistent brand image with clear product offerings and a user-friendly interface. Technically, the site uses a proprietary CMS (GEM) and is hosted on AWS CloudFront, leveraging modern marketing and analytics tools such as Google Tag Manager and LinkedIn Insight Tag. However, a critical security weakness is the absence of a valid SSL certificate, resulting in no HTTPS availability, which severely impacts the site's security posture. Privacy and cookie policies are comprehensive and GDPR compliant, and contact is primarily facilitated through a contact form. Overall, the site is credible and well-positioned in its market but requires urgent remediation of its SSL/TLS configuration to ensure secure user interactions.

BFI Oberösterreich is a leading adult education provider in Upper Austria offering a wide range of vocational training, adult education courses, and customized corporate training programs. The website is built on TYPO3 CMS and incorporates modern frontend technologies such as jQuery and Bootstrap, providing a professional and accessible user experience. The business targets both private individuals and companies, emphasizing lifelong learning and workforce development. The site includes comprehensive course catalogs, contact information, and trust signals such as certifications and partnerships with official bodies. From a technical perspective, the website demonstrates good content quality, SEO, and accessibility, but suffers from critical security shortcomings due to the absence of a valid SSL certificate and HTTPS support. Security headers are partially implemented, but the lack of TLS protocols and HSTS reduces the overall security posture significantly. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website is professional and credible but requires urgent improvements in SSL/TLS configuration to ensure secure communications and protect user data. Addressing these security gaps will enhance trust and compliance with modern web security standards.

Schlüsselbauer Technology GmbH & Co KG is a medium-sized Austrian manufacturing company specializing in the development and construction of machinery for producing concrete infrastructure components such as pipes and shafts. Established in 1964, the company positions itself as an innovation leader in machine building with a global presence including subsidiaries like Schlüsselbauer North America. Their website provides multi-language support and detailed information about their products and services targeting industrial and infrastructure sectors. Technically, the website uses Apache server with standard HTML5, CSS3, and JavaScript, likely leveraging Bootstrap for responsive design. However, the site lacks HTTPS encryption, which is a critical security gap. The absence of SSL/TLS certificates and modern security headers exposes the site to risks and reduces trustworthiness. Privacy compliance is addressed with a cookie consent manager and a privacy policy, but no explicit security or incident response policies are published. Overall, the website is professional and content-rich but requires urgent security improvements to protect user data and enhance credibility.

B

Bella Concerts

bellaconcerts.com

0

Bella Concerts is a specialized booking agency based in Vienna, Austria, focusing on nurturing and promoting talented artists primarily in the jazz and related music genres. The company offers artist booking services along with publishing and synchronization divisions, aiming to provide personalized career strategies for its clients. The website reflects a professional and consistent brand image with a clear artist portfolio and contact information, targeting music industry professionals and fans. Technically, the site is built on Webflow with modern JavaScript libraries and hosted behind Cloudflare, ensuring good performance and mobile optimization. However, the critical lack of a valid SSL certificate and HTTPS implementation significantly undermines the site's security posture, exposing visitors to risks and potentially affecting trust. Privacy and cookie policies are present with consent mechanisms, supporting GDPR compliance to a basic degree. Overall, the business appears legitimate and well-positioned in its niche, but urgent security improvements are necessary to protect users and enhance credibility.

N

neu plus herz gmbh

neuplusherz.at

0

Neu plus herz gmbh is a small, independent full-service advertising agency based in Vienna, Austria, with over 25 years of experience. The company offers a broad range of services including design, photography, text, communication, web, social media, and marketing, targeting businesses seeking comprehensive advertising solutions. Their website reflects a professional and consistent brand image with a clear presentation of services and client portfolio. Technically, the site is built on WordPress using the OnePress theme and several plugins such as Yoast SEO and Matomo Analytics, indicating a modern CMS infrastructure. However, performance metrics are missing, and the site is rated as slow in loading.

F

FLUSSBAU iC GesmbH

flussbau-ic.at

0

FLUSSBAU iC GesmbH is a specialized consulting company operating internationally with a focus on water and river engineering, including flood protection, hazard zone planning, and water infrastructure construction. The company offers comprehensive services from planning to execution and engages in research and development to maintain innovation. The website reflects a professional and consistent brand presence targeting professionals and organizations in the water engineering and environmental sectors. Technically, the website is built on TYPO3 CMS with common web technologies like jQuery and Bootstrap, providing a good user experience and mobile optimization. However, the absence of HTTPS is a critical security flaw that severely impacts the site's security posture. The site implements a cookie consent mechanism and provides clear contact information, but lacks advanced security headers and domain security features such as DNSSEC and CAA records. Overall, the domain registration data aligns well with the business claims, supporting legitimacy. Strategic improvements in security and compliance are recommended to enhance trust and protect user data.

S

Strobl Bau – Holzbau GmbH

strobl.at

0

Strobl Bau – Holzbau GmbH is a well-established construction and wood construction company based in Austria, with a history dating back to 1964. The company specializes in residential, industrial, and commercial building projects using both massive and wood construction methods. It holds a leading position in the regional market of Steiermark, offering comprehensive services including planning, coordination, and quality control. The website reflects a professional and consistent brand image, targeting property developers and clients seeking high-quality construction solutions. Technically, the website is built on WordPress with a modern tech stack including Apache, jQuery, Bootstrap, and several specialized plugins for enhanced user experience and functionality. However, the site lacks a valid SSL certificate and does not support modern TLS protocols, which significantly impacts its security posture. Despite this, the site implements several security headers and has a good privacy and cookie policy framework with consent mechanisms, indicating a commitment to compliance. The security evaluation reveals critical vulnerabilities due to the absence of HTTPS, lack of strong cipher suites, and incomplete HSTS implementation. These issues pose risks to data confidentiality and user trust. The website provides multiple contact channels, including phone, email, and contact forms, along with active social media profiles, enhancing its business credibility. Overall, while the business and content quality are strong, the security shortcomings require urgent attention to protect users and maintain trust. Strategic improvements in SSL/TLS deployment and security configurations are recommended to elevate the site's security and compliance standards.

W

Wartenberg & Co · Großhandel: Hydrokolloide, Lecithine, Stärke, Zucker

wartenberg.at

0

Wartenberg & Co is a well-established Austrian family-owned business specializing in the wholesale distribution of sugar and food raw materials, with over 100 years of market presence. Their product portfolio includes various types of sugar, starch and derivatives, hydrocolloids, lecithins, and other food additives, with a strong emphasis on sustainability, bio and fair trade certifications, and personalized customer service. The website is built on WordPress with Elementor and includes modern SEO and GDPR compliance features. However, the absence of a valid SSL certificate and HTTPS support represents a critical security vulnerability that undermines user trust and data protection. The company demonstrates good business credibility and compliance with industry standards such as the IFS Broker certification. Strategic improvements in security infrastructure are recommended to enhance the overall security posture and trustworthiness.

I

IGT Geotechnik und Tunnelbau Ziviltechniker G.m.b.H.

ate.consulting

0

Austrian Tunnel Engineers (ATE) is a specialized engineering consultancy focused on complex tunnel construction projects worldwide. The company emphasizes its Austrian roots and over 35 years of cumulative experience, offering a wide range of services including project design, geotechnical and structural engineering, consulting, and site supervision. The website presents a professional and comprehensive overview of their expertise and project portfolio, targeting infrastructure developers and engineering firms. Technically, the site is built on WordPress with optimization plugins but lacks a valid SSL certificate, resulting in insecure HTTP connections. Security posture is weak due to missing HTTPS, lack of security headers, and no advanced SSL configurations. Privacy compliance is good with a clear privacy policy and cookie consent mechanism. Overall, the site is content-rich and professionally designed but requires urgent security improvements to protect users and enhance trust.

IntelliEdge GmbH is a technology company specializing in cloud, edge computing, AI, and IoT solutions, primarily targeting SMEs and organizations seeking digital transformation. The company is a TU Wien spin-off with strong academic and industry partnerships, delivering services such as sustainable engineering, AI and data solutions, agile project inception, and innovation advisory. Their market position is that of a young, innovative, and trusted technology partner with a focus on quality and agile delivery. Technically, the website uses modern frontend libraries and is hosted on AWS infrastructure but lacks a valid SSL certificate, resulting in no HTTPS availability and a slow performance profile. Security posture is weak due to missing SSL/TLS, lack of security headers, and no advanced domain security configurations. Privacy compliance is basic with presence of privacy and cookie policies but no explicit consent mechanisms. Business credibility is strong with clear company information, testimonials, and partner listings. Overall, the site is professional and trustworthy but requires urgent security improvements to protect user data and improve trust.

The Bernard Gruppe is a medium-sized, owner-managed engineering group founded in 1983, specializing in interdisciplinary engineering services across energy, industry, infrastructure, and transportation sectors. With approximately 400 employees and operations in over 40 countries, the company offers comprehensive consulting, planning, and project realization services, including specialized software and hardware solutions. The website content reflects a professional engineering firm with a broad service portfolio and international presence. Technically, the website is built on WordPress using the Avada theme and includes a cookie consent mechanism from an external provider. However, the site lacks HTTPS support and modern security configurations, which significantly impacts its security posture. Performance data is missing, and SEO and accessibility features are basic. No analytics or tracking services beyond cookie consent are detected. From a security perspective, the absence of a valid SSL certificate and HTTPS is a critical vulnerability, exposing users to potential data interception risks. The site also lacks security headers, DNSSEC, and other modern protections. No privacy policy, terms of service, or incident response information is provided, indicating gaps in compliance and security transparency. Overall, the website presents a moderate business credibility but suffers from significant security and privacy shortcomings. Strategic improvements in SSL deployment, security headers, and privacy documentation are essential to enhance trust and compliance.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 9 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 9 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 10 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

R

Rhema Gemeinde

rhema.at

0

Rhema Gemeinde is a small non-profit religious community based in Linz, Austria, focused on providing Christian church services, youth and children programs, and community events. The website serves as an informational and engagement platform for members and visitors, offering event details, livestream access, and contact options. The technical infrastructure is based on TYPO3 CMS with common web technologies such as Bootstrap and jQuery, hosted via easyname.eu. However, the site lacks HTTPS encryption, which is a critical security deficiency. Security headers are minimal, and no advanced security or incident response policies are evident. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism. Overall, the site is functional and professionally designed but requires urgent security improvements to protect user data and enhance trust.

The website interspar.at currently presents a Cloudflare security challenge page that blocks access to its actual content, preventing a full analysis of business and compliance information. The domain is registered and DNS records indicate legitimate infrastructure consistent with the Spar brand in Austria. However, the SSL certificate is invalid or missing, resulting in no HTTPS support, which is a critical security issue. The site uses Cloudflare as a WAF and CDN provider, but the challenge page limits content accessibility. No privacy, cookie, or terms of service policies are detectable, nor are any contact details or business descriptions available on the landing page. Overall, the site’s security posture is weak due to missing SSL and limited content exposure, and the business credibility cannot be fully assessed due to lack of accessible information.

W

WALTER LEASING GmbH

walter-leasing.com

0

WALTER LEASING GmbH is an established Austrian company specializing in leasing and hire purchase of trucks and trailers. With a mature domain age of 25 years and a consistent brand presence, the company targets businesses and individuals seeking transportation leasing solutions. The website offers multilingual support and uses modern web technologies such as Vue.js and Google Tag Manager, indicating a moderate level of digital maturity. However, the absence of a valid SSL/TLS certificate is a critical security gap that undermines user trust and data protection. The site employs a strong Content Security Policy and cookie consent management via OneTrust, reflecting good privacy compliance practices. Overall, while the business and technical foundations are solid, urgent improvements in security infrastructure are needed to enhance trust and compliance.

König GesmbH is a small Austrian IT services company established in 1989, specializing in vendor-neutral technology solutions including network infrastructure, software support, hardware supply, data backup, consulting, and repair services. The company maintains long-term customer relationships and emphasizes independent product selection. Technically, the website is built on WordPress with the Divi theme and uses Apache hosting via Hetzner. However, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical security deficiency. No advanced security headers or incident response policies are publicly disclosed. Privacy compliance is minimal with a basic privacy policy present but no cookie consent mechanism. Overall, the website is professionally designed with good content quality but suffers from significant security shortcomings that impact trust and user safety.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 9 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Backhausen GmbH was a company that ceased operations on June 30, 2023. The website serves primarily as a closure notice and contact point for former customers and stakeholders. It is managed under the parent company AMEEA Beteiligungs GmbH. The site is minimalistic, bilingual (German and English), and lacks active e-commerce or interactive features. Technically, the website is built on Magento with jQuery libraries and served by an Apache server. However, it lacks a valid SSL certificate, resulting in HTTP-only access, which significantly impacts security posture. No privacy or cookie policies are present, and no security headers beyond basic HTTP headers are implemented. Contact information is limited to two company email addresses related to brand and archive inquiries. Overall, the site is informational with basic technical implementation and poor security and privacy compliance.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

S

s-team IT solutions GmbH

s-team.at

0

s-team IT solutions GmbH is a small Austrian IT services company based in Vienna, specializing in IT infrastructure, server maintenance, virtualization, and custom web development. Established in 2002, it serves a diverse clientele including small and large companies as well as public organizations. The website reflects a professional and consistent brand presence with clear contact information and client testimonials, indicating a trustworthy business. Technically, the site runs on Contao CMS with common JavaScript libraries but lacks a valid SSL certificate, which is a significant security concern. The absence of HTTPS exposes visitors to potential data interception risks. Security headers are well configured, but the lack of modern TLS protocols and HSTS reduces the overall security posture. Privacy compliance is partially met with a GDPR-compliant privacy policy but no cookie consent mechanism. Overall, the website is functional and professional but requires urgent security improvements to protect users and enhance trust.

T

Tiroler Sparkasse

tirolersparkasse.at

0

Tiroler Sparkasse is a well-established Austrian banking institution with a history dating back to 1822. It offers a comprehensive range of financial services including retail banking, digital banking via the George platform, savings, investments, loans, and insurance products. The website reflects a mature digital presence with modern design, structured data, and clear navigation targeting diverse customer segments such as private customers, youth, businesses, and investors. Technically, the site uses a proprietary CMS (GEM) and is hosted on AWS CloudFront CDN, employing modern web technologies and accessibility features. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts the security posture. Security headers are partially implemented, and privacy compliance is strong with clear policies and consent mechanisms. Overall, the site is professional and trustworthy but requires urgent SSL/TLS remediation to ensure secure user interactions.

K

KERRES | PARTNERS

kerres.at

0

KERRES | PARTNERS is a well-established Austrian law firm with over 30 years of experience, specializing in commercial law, litigation, arbitration, corporate, and contract law. The firm positions itself as a trusted legal advisor to companies, corporations, private clients, and foundations. The website reflects a professional and consistent brand image with good content relevance and clear navigation, targeting primarily German-speaking clients with multilingual support. Technically, the site runs on Drupal 7 with standard libraries and includes Google Analytics for visitor tracking. However, the absence of HTTPS and a valid SSL certificate is a critical security shortfall, exposing visitors to potential risks. Security headers are partially implemented, but key protections like HSTS and modern TLS protocols are missing. Privacy compliance is weak, with no visible privacy or cookie policies or consent mechanisms. Contact information is clearly provided, enhancing business credibility. Overall, the site is functional and professional but requires urgent security and privacy improvements.

P

planlicht GmbH&Co. KG

planlicht.com

0

PLANLICHT GmbH&Co. KG is an Austrian company specializing in architectural LED lighting solutions, serving sectors such as office, public, hospitality, and retail. Their website offers a comprehensive product catalog, customization options, and detailed technical documentation, targeting architects and lighting professionals. The company maintains a professional online presence with multilingual support and active social media channels. Technically, the website is built on WordPress with popular plugins and frameworks, providing a good user experience and moderate performance. However, the absence of a valid SSL certificate and HTTPS support is a critical security flaw that undermines user trust and data protection. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Business credibility is supported by clear contact information, job listings, and consistent branding. Overall, the site is functional and professional but requires urgent security improvements.

Hofegger Branding is a Vienna-based branding agency established in 2000, specializing in brand strategy, design, management, and consulting services. The company targets businesses seeking to develop or reposition their brands with a focus on meaningful connection and clarity. The website reflects a professional and consistent brand image with clear navigation and relevant content. Technically, the site uses Craft CMS and SEOmatic, hosted on internex.at, and is optimized for mobile devices. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security gap that undermines user trust and data protection. Security headers are present but cannot compensate for the lack of encryption. Privacy and terms policies are available, supporting GDPR compliance. Contact information is comprehensive, including email, phone, physical address, and a contact form. Overall, the site is credible and professional but requires urgent security improvements.

Visiativ Austria GmbH is a well-established digital transformation partner specializing in CAD and Product Lifecycle Management (PLM) solutions for manufacturing companies. With over 30 years of experience, the company offers a comprehensive portfolio including consulting, software sales, and training services. Their market position is strong within the manufacturing and technology sectors, supported by partnerships with Dassault Systèmes and a broad regional presence across Europe. The website reflects a professional and consistent brand image with high-quality content and effective SEO practices. Technically, the website is built on WordPress with modern plugins for SEO, caching, and cookie consent management. The infrastructure includes Apache hosting with DNS managed via Google Domains. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts the security posture. Other security best practices such as SPF records for email and vulnerability scanning show positive signs, but the lack of HTTPS is a major concern. The security posture is currently basic, with no detected vulnerabilities but missing essential HTTPS protections and security headers. Privacy compliance is well addressed with GDPR-compliant privacy and cookie policies and consent mechanisms. Contact information is clearly provided, including phone numbers and social media links, enhancing business credibility. Overall, the website is functional and professional but requires urgent security improvements to enable HTTPS and modern TLS protocols. Strategic recommendations include installing a valid SSL certificate, enabling HSTS, and improving server security headers to enhance trust and protect user data.

T

Ticket Gretchen GmbH

ticketgretchen.com

0

Ticket Gretchen GmbH operates a mobile application platform focused on providing fast and direct ticket sales for cultural events across Austria, including theater, musicals, concerts, and operas. The company targets cultural enthusiasts, especially younger demographics such as U27 and U30, offering exclusive promotions and original tickets without price surcharges. The website reflects a professional and well-branded presence with comprehensive event listings and user testimonials, positioning the company as a leading cultural ticketing service in Austria. Technically, the website is built on WordPress with modern plugins and frameworks such as Bootstrap and WPBakery Page Builder. It integrates analytics and marketing tools including Google Analytics, Google Tag Manager, and Facebook Pixel, supporting moderate user tracking and marketing efforts. Hosting is provided via Amazon AWS DNS infrastructure. The site is mobile-optimized and SEO-friendly, delivering a good user experience. From a security perspective, the website lacks HTTPS encryption, which is a critical vulnerability exposing users to potential data interception. Security headers are minimal, and no advanced security policies or incident response information are published. While no immediate vulnerabilities or malware are detected, the absence of SSL/TLS and security best practices significantly lowers the security posture. Overall, the business is credible and trustworthy based on domain registration consistency, clear contact information, and positive user feedback. However, the lack of HTTPS and cookie consent mechanisms presents compliance and security risks. Strategic improvements in security infrastructure and privacy compliance are recommended to enhance user trust and regulatory adherence.

LB-electronics GmbH is a market-leading distributor of high-quality and innovative broadcast technologies based in Austria. The company offers specialized system solutions including studio planning, lighting technology, mobile transmission, and video over IP, complemented by comprehensive service offerings. Their website targets broadcast technology professionals and media production companies, positioning them as a key player in the Austrian broadcast technology sector. Technically, the website is built on Joomla CMS with several modern libraries and plugins, but suffers from poor SSL/TLS configuration, lacking a valid certificate and modern protocols, which poses security risks. Privacy and cookie policies are present and GDPR compliant, and contact information is clearly provided, enhancing business credibility. Overall, the site is professional and content-rich but requires urgent security improvements to protect user data and maintain trust.

ITH icoserve technology for healthcare GmbH is a medium-sized company operating in the healthcare technology sector, specializing in innovative software solutions for medical data management and healthcare networking. As a subsidiary of Siemens Healthineers, it holds a strong market position as a leading software provider in Health IT. The website is professionally designed with good content quality and clear navigation, targeting healthcare providers and IT professionals. Technically, the site is built on TYPO3 CMS with modern frontend libraries, but lacks a valid SSL certificate, which is a critical security shortfall. Security headers are properly configured, but the absence of HTTPS significantly reduces the security posture. Privacy compliance is well addressed with comprehensive privacy and cookie policies and a consent mechanism via Cookiebot. Contact information is clearly presented, enhancing business credibility. Overall, the site is trustworthy but requires urgent security improvements.

Upstream Mobility is a small Austrian company specializing in digital municipal mobility solutions, offering a cloud-based platform and white-label apps to integrate various mobility providers and services. Their business model focuses on B2B and B2G markets, targeting municipalities and public transport authorities to enable Mobility as a Service. The website is built on Squarespace, featuring professional design and good content relevance, but suffers from critical security issues due to lack of a valid SSL certificate and HTTPS support. The security posture is weak, with no modern TLS protocols enabled and no advanced security headers beyond basic HSTS and X-Content-Type-Options. Privacy compliance is basic, with a cookie consent mechanism and a privacy policy page present, but no terms of service or incident response information. Contact is primarily via web forms, with no explicit company emails or phone numbers displayed. The domain registration is consistent with the business claims and hosted on Squarespace infrastructure. Strategic improvements in security and contact transparency are recommended to enhance trust and compliance.

ARWAG Holding-AG is a Vienna-based real estate developer specializing in provision-free residential and commercial properties. The company focuses on sustainable, high-quality housing projects and offers services including property development, leasing, and property management. The website reflects a mature market position with clear business offerings targeted at property buyers, renters, and investors in Vienna. Technically, the site is built on SilverStripe CMS with modern JavaScript libraries and includes privacy consent management and analytics integrations. However, a critical security gap exists due to the absence of a valid SSL certificate and disabled TLS protocols, which undermines secure communications. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanisms. Overall, the site is professional and trustworthy but requires urgent security improvements to protect user data and maintain credibility.

D

Der Grazer

grazer.at

0

Der Grazer is a regional online news media outlet focused on providing current news, event information, and photo galleries related to Graz, Austria. The website targets local residents and visitors interested in city news, politics, culture, and lifestyle. It operates primarily as an advertising-supported online news portal with additional services such as an e-paper and club membership. The site uses TYPO3 CMS and common web technologies like Bootstrap and jQuery, indicating a moderate level of digital maturity. However, the absence of a valid SSL certificate and lack of HTTPS significantly weaken its security posture. While cookie consent and privacy policies are present, indicating GDPR awareness, no explicit security or incident response policies are found. Overall, the website is functional and professionally designed but requires urgent improvements in security to protect user data and enhance trust.

RMK Regionalmedien Kärnten GmbH operates the website Mein Sonntag, a regional media platform providing tourism and culinary content focused on the Alpen-Adria region. The site offers a mix of digital and print media, including articles, recipes, event information, and an online shop. The company is positioned as a trusted regional media provider with a consistent brand and a medium-sized operation based in Austria. Technically, the website is built on WordPress with WooCommerce and uses modern plugins and themes, ensuring good user experience and mobile optimization. Security posture is solid with HTTPS enabled and valid SSL certificates, though improvements like HSTS and OCSP stapling could enhance security further. Privacy compliance is well addressed with comprehensive privacy and cookie policies and active consent management. Overall, the website demonstrates a professional and trustworthy digital presence suitable for its audience and business goals.

U

Up2Go International LLC

up2go.com

0

Up2Go International LLC is a small technology company founded in 2009 in Austria, focused on transforming organizational collaboration through its Responsibility-as-a-Platform™ digital solution. The company promotes non-hierarchical leadership and responsible collaboration models, targeting organizations seeking innovative operational frameworks. The website is professionally designed using Squarespace, with good content quality and consistent branding, although it lacks comprehensive privacy and terms of service documentation. Technically, the site uses modern web technologies but suffers from poor SSL/TLS configuration, lacking a valid certificate and modern protocol support, which significantly impacts its security posture. Minimal user tracking is implemented via Google Analytics, with essential cookies only, aligning with a privacy-conscious approach. Overall, the site is functional and credible but requires urgent security improvements and enhanced privacy compliance to strengthen trust and protect visitors.

Raiffeisen is Austria's largest banking group, offering a wide range of financial services to private and corporate customers through a strong regional presence and digital platforms. The website reflects a mature digital infrastructure built on Adobe Experience Manager with modern JavaScript frameworks, providing excellent user experience and comprehensive content. However, the security posture is weakened by the absence of a valid SSL certificate and lack of modern TLS protocols, which is a critical issue for a financial institution. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is trustworthy and professional but requires urgent security improvements to protect customer data and maintain trust.

The website for blumatix-consulting.at is currently not configured and serves a default Microsoft Azure 404 error page. There is no accessible business content, contact information, or policies available on the site. The domain is registered and DNS records indicate hosting on Microsoft Azure with email services via Outlook, consistent with a small consulting business based in Austria. However, the lack of a valid SSL certificate and absence of any meaningful content or security configurations significantly reduce the website's credibility and security posture. The site does not implement any privacy or cookie policies, nor does it provide contact or incident response information, indicating a very low level of digital maturity and compliance readiness.

Funstage GmbH is a well-established social casino game publisher founded in 2005 and operating under the parent company Greentube, a division of NOVOMATIC. The company offers a portfolio of over 20 social casino and gaming apps targeting a global audience, with a strong presence in Europe and the US. Their business model focuses on delivering engaging social casino experiences with unique meta features and strong player satisfaction. Technically, the website uses modern web technologies including the Astro framework and Cloudflare hosting, with good mobile optimization and SEO practices. However, the site lacks a valid SSL certificate, which is a critical security flaw. Security headers are present but insufficient without HTTPS. Privacy compliance is basic, with a privacy notice but no cookie or terms of service policies. Contact information is clearly provided, enhancing business credibility. Overall, the site is professional and trustworthy but requires urgent security improvements.

T

Tyrolean Jets & Services

tjs.at

0

Tyrolean Jets & Services is a well-established private jet charter and aircraft management company based in Austria, with over 45 years of experience. The company offers premium private aviation services including luxury travel, aircraft management, and operations, targeting affluent individuals and businesses seeking exclusive and flexible travel options. Their website reflects a high level of professionalism with rich multimedia content and clear contact information, including physical addresses and social media presence. However, the technical infrastructure shows critical security weaknesses, notably the absence of a valid SSL certificate and HTTPS support, which significantly impacts the security posture and user trust. The site implements cookie consent mechanisms but lacks a visible privacy policy and terms of service, indicating gaps in privacy compliance. Overall, while the business credibility and content quality are strong, urgent improvements in security and privacy compliance are recommended to enhance trust and protect user data.