Security Directory

A

Aug. RATH jun. Gmbh

rath.at

0

RATH Austria is a well-established manufacturer specializing in high-quality chamotte stones and related refractory products for heating and stove systems, with a history spanning over 130 years. The company targets stove builders, dealers, and industrial clients primarily in Austria and Europe. Their website is built on TYPO3 CMS and provides comprehensive product and service information, including planning services for stove builders. However, the technical infrastructure shows critical security gaps, notably the absence of HTTPS, which exposes users to significant risks. The site employs some security headers but lacks modern SSL/TLS protocols and DNS records, indicating potential configuration issues. Privacy compliance is partial, with a privacy policy and terms of service present but no cookie consent mechanism. Overall, the business credibility is solid, but the security posture requires urgent improvement to protect user data and maintain trust.

G

GLATZ Gruppe

glatz.at

0

GLATZ Gruppe is a medium-sized family-owned manufacturing and service business based in Austria, specializing in stamps, printing plates, and packaging management solutions. The company operates multiple subsidiaries and maintains a professional online presence with detailed contact information and active social media channels. Technically, the website is built on Contao CMS and uses modern JavaScript libraries, but suffers from critical security shortcomings such as lack of HTTPS and valid SSL certificates. Privacy compliance is well addressed with comprehensive cookie consent and privacy policies. The absence of a valid SSL certificate and missing DNS records reduce the overall trust and security posture, posing risks to user data confidentiality and site integrity. Strategic improvements in SSL deployment and DNS configuration are essential to enhance security and trust.

Austro Engine GmbH is a medium-sized Austrian manufacturer specializing in innovative aircraft engines, including jet fuel piston engines and rotary engines for UAV and APU applications. As part of the Diamond Aircraft Group, it holds recognized certifications and serves a global aviation market including private owners, flight schools, and special mission operators. The website is professionally designed, content-rich, and well-branded, reflecting a strong market position in general aviation engine manufacturing. Technically, the site uses TYPO3 CMS and integrates modern marketing and analytics tools, but suffers from poor performance and lacks HTTPS, which is a critical security concern. Security headers are minimal and SSL/TLS configuration is inadequate, exposing the site to risks. Privacy compliance is well addressed with clear policies and consent management. Overall, the site demonstrates good business credibility but requires urgent security improvements to protect users and enhance trust.

A

Aumayr GmbH

aumayr.com

0

Aumayr GmbH is a well-established Austrian manufacturing company specializing in ventilation and metal technology solutions with over 50 years of experience. The company offers a broad range of products and services including custom ventilation components, metal fabrication, installation, and maintenance. Their market position is strong regionally, supported by certifications such as ISO and the Austria Gütezeichen. The website reflects a professional digital presence with good content quality and clear navigation targeting industrial clients and business customers. Technically, the site is built on WordPress with modern plugins but lacks a valid SSL certificate, which is a critical security gap. Privacy compliance is well addressed through the use of a consent management platform and clear privacy and cookie policies. Overall, the business credibility is high, but the lack of HTTPS significantly impacts the security posture and overall risk profile.

N

NETxAutomation Software GmbH

netxautomation.com

0

NETxAutomation Software GmbH is a medium-sized company specializing in building management software and multi-protocol gateways for medium-sized and enterprise building automation projects. With over 20 years of experience and a presence in more than 100 countries, the company offers a comprehensive suite of products including the NETx BMS Platform and NETx Multi Protocol Server, alongside services such as project analysis, commissioning, and driver development. Their target audience includes system integrators, electrical engineers, and end customers seeking integrated building automation solutions. Technically, the website is built on Joomla CMS with jQuery and FontAwesome libraries, served by an Apache 2.4.62 server. However, the site lacks a valid SSL certificate and does not support HTTPS or modern TLS protocols, which significantly impacts its security posture. Performance metrics are not available, but the site shows basic mobile optimization and accessibility features. SEO is basic but includes meta tags and alternate language links. From a security perspective, the site implements some security headers such as Strict-Transport-Security and X-Content-Type-Options, and uses HttpOnly cookies. However, the absence of a valid SSL certificate, lack of TLS support, and missing advanced security headers reduce the overall security score. No explicit security or incident response policies are found, and no vulnerability disclosure or security.txt file is present. Overall, the website is professional and content-rich but suffers from critical security shortcomings due to missing HTTPS. Strategic improvements in SSL/TLS deployment and enhanced security policies are recommended to improve trust and compliance.

E

EFM Versicherungsmakler AG

efm.at

0

EFM Versicherungsmakler AG is a leading insurance brokerage firm in Austria, serving both private and commercial clients with a wide range of insurance products and services. The company positions itself as the number one insurance broker in Austria with over 75 locations and more than 120,000 customers. Their business model focuses on independent insurance comparison and personalized local broker services. The website is built on TYPO3 CMS with Bootstrap and jQuery, featuring a professional design and good navigation, targeting German-speaking Austrian customers. However, the technical infrastructure shows weaknesses, notably the lack of a valid SSL certificate and the use of an outdated PHP version, which pose significant security risks. Cookie consent and privacy policies are implemented, reflecting GDPR compliance efforts. The site integrates Google Analytics and Facebook Pixel for analytics and marketing purposes, with moderate user tracking.

H

Hotel Das Innsbruck GmbH & CO. KG

hotelinnsbruck.com

0

Hotel Das Innsbruck GmbH & CO. KG operates a 4-star hotel located in the historic center of Innsbruck, Austria. The business offers a range of hospitality services including accommodation, wellness and spa facilities, conference and seminar hosting, and dining options. The website is professionally designed with excellent content quality and clear navigation, targeting tourists and business travelers seeking premium lodging and event services in Innsbruck. The company has a strong market position supported by recognized certifications such as the TripAdvisor Certificate of Excellence and Gault Millau recommendations. Technically, the website uses a modern CMS (Condeon) and popular JavaScript libraries, but suffers from slow performance and lacks HTTPS, which is a critical security gap. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and clear privacy policy. Business credibility is high with transparent contact information and structured data markup.

F

Friendly Fire Communications GmbH

friendlyfire.at

0

Friendly Fire Communications GmbH is a Vienna-based technology company specializing in advanced 3D visualizations, virtual production, and interactive digital experiences. With approximately 20 years of experience and a client portfolio of over 100 brands, they offer a broad range of services including product visualization, real-time 3D configurators, digital brand storytelling, and virtual production solutions. Their business model focuses on delivering customized digital transformation packages tailored to client needs, targeting businesses seeking innovative digital marketing and product engagement tools. Technically, the website is built on WordPress with modern plugins such as Elementor Pro, Yoast SEO, and WPML for multilingual support. The site integrates multiple analytics platforms including Google Analytics and Matomo, and employs performance optimizations via WP Rocket. Hosting is provided by World4You. The site is well-structured, mobile-optimized, and rich in multimedia content, reflecting a mature digital presence. From a security perspective, the site lacks HTTPS, which is a critical vulnerability exposing users to data interception risks. Other security best practices such as HSTS, DNSSEC, and security headers are not implemented. The site does have a comprehensive privacy policy and cookie consent mechanism, indicating good privacy compliance. Contact information is clearly provided, enhancing business credibility. Overall, while the business and website demonstrate professionalism and strong market positioning, the absence of HTTPS significantly undermines security posture and user trust. Immediate implementation of SSL/TLS is strongly recommended to mitigate this critical risk.

A

Akras Flavours GmbH

akras.at

0

Akras Flavours GmbH is an established Austrian manufacturer specializing in flavors and ingredients for the food and beverage industry. Founded in 1938, the company has evolved into an international leader offering a broad portfolio of aroma and beverage base products. Their website reflects a mature digital presence with comprehensive content, multilingual support, and active engagement through news and trend analytics. Technically, the site is built on WordPress with modern plugins and SEO optimizations, though performance is moderate and accessibility is basic. Security posture is a concern due to the absence of a valid SSL certificate and lack of HTTPS, which exposes the site to risks and undermines user trust. Privacy compliance is well addressed with a detailed privacy policy and cookie consent mechanism. Overall, the business demonstrates strong credibility and trust signals but must urgently address its SSL/TLS configuration to improve security and user confidence.

T

Urlaub & Reisen direkt beim Reiseveranstalter buchen – TUI.at

tui.at

0

Security assessment completed with an overall score of 0/100 (unknown risk). 4 critical issues require immediate attention. Total of 25 security findings identified across all modules.

2

2beFOUND Performance Marketing GmbH

2befound.at

0

2beFOUND Performance Marketing GmbH is a specialized digital marketing agency based in Austria, focusing on search engine marketing and optimization services. The company holds a Google Partner certification for 2025, indicating recognized expertise in Google Ads and related services. Their website is built on the Jimdo CMS platform and targets German-speaking business clients seeking to improve their online visibility and search engine rankings. The site content is professionally presented with clear navigation and relevant marketing messaging. Technically, the website uses standard web technologies and integrates Google Analytics for visitor tracking. However, the lack of a valid SSL certificate and HTTPS support is a significant security shortfall that undermines user trust and data protection. The company provides clear contact information including a physical address and phone number, but lacks a Terms of Service page and explicit incident response or security policies. Overall, the business appears credible and established, but the website's security posture requires urgent improvement to meet modern standards.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 7 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

W

Wenzel Logistics GmbH

wenzel-logistics.com

0

Wenzel Logistics GmbH is a medium-sized Austrian transport and logistics company offering a broad range of services including intermodal transport, road freight, sea freight, warehousing, and special transports across Europe. The company maintains a professional online presence with clear service descriptions and active social media channels. Technically, the website is built on WordPress using Elementor and optimized with WP Rocket, but critically lacks a valid SSL certificate, impacting security posture. Privacy compliance is well addressed with a cookie consent mechanism and a comprehensive privacy policy. The domain registration is consistent with the business claims, indicating legitimacy. Strategic recommendations include immediate SSL implementation and enhanced security headers to improve trust and compliance.

P

pewag International GmbH

pewag.com

0

pewag International GmbH is a historic Austrian manufacturer specializing in chains and lifting solutions with a global market presence. The company offers a broad portfolio including snow chains, forestry technique, conveyor systems, and DIY products, supported by digital configurators and advisory tools. The website reflects a mature digital infrastructure built on WordPress with multilingual support and integrated analytics and consent management tools. However, the absence of a valid SSL certificate and HTTPS implementation represents a critical security vulnerability, undermining user trust and data protection. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, pewag demonstrates strong business credibility and content quality but must urgently address its security posture to align with industry best practices.

Cegeka is a well-established European IT company specializing in end-to-end IT solutions, consulting, and digital transformation services. The company targets enterprise clients across multiple sectors including technology, energy, finance, telecommunications, manufacturing, and government. Their website reflects a mature digital presence with comprehensive content, professional design, and clear navigation. Technically, the site is built on HubSpot CMS, leveraging modern web technologies such as Lit and custom web components, and is hosted behind Cloudflare. However, the SSL certificate is invalid or missing, which significantly impacts the security posture. Security headers are well implemented but cannot fully compensate for the lack of proper HTTPS. Privacy and cookie policies are present and GDPR compliant, though no explicit security or incident response policies are found. Overall, the website demonstrates strong business credibility and marketing sophistication but requires urgent SSL remediation to improve security and trust.

M

Motrada Handels GmbH

motrada.net

0

Motrada Handels GmbH is a specialized IT company based in Vienna, Austria, providing customized white-label remarketing platforms primarily for leasing companies, fleet managers, and importers across Europe. Established in 2005, the company has delivered over 60 platforms in 17 countries, positioning itself as a European specialist in this niche. The website reflects a professional and consistent brand image with clear business descriptions and target audience focus. Technically, the site is built on WordPress with modern plugins and frameworks such as Elementor and Slider Revolution, but lacks a valid SSL certificate, which is a critical security shortfall. The presence of cookie consent mechanisms and privacy policies indicates good privacy compliance, although no explicit security or incident response policies are found. Overall, the site is functional and credible but requires urgent security improvements to protect user data and enhance trust.

K

Kirchliche Pädagogische Hochschule Edith Stein

kph-es.at

0

The Kirchliche Pädagogische Hochschule Edith Stein is a regional educational institution in Austria specializing in teacher training and pedagogical education. It operates across four locations in western Austria and offers a range of study programs, continuing education, and research activities. The website is professionally designed and targets prospective and current educators, social pedagogues, and related professionals. The institution is positioned as a reputable academic entity with a clear focus on education and professional development. Technically, the website is built on TYPO3 CMS and uses Apache server technology. It integrates Google Tag Manager for analytics but lacks HTTPS, which is a critical security shortfall. The absence of SSL/TLS encryption exposes users to potential data interception risks and undermines trust. Privacy compliance is partially addressed with a comprehensive privacy policy, but no cookie consent mechanism is evident. Contact information is provided primarily via a contact page and footer address, with no direct emails or phone numbers visible on the main page. Overall, the website demonstrates moderate digital maturity but requires urgent security improvements to protect user data and enhance trust.

R

Raiffeisen Informatik Technical Services GmbH

ri-s.at

0

Raiffeisen Informatik Technical Services GmbH is a specialized IT service provider focused on delivering on-site user support and field services primarily for the Raiffeisenbanken group, RBI Konzern, and UNIQA in Austria. The company positions itself as a market leader in providing high-quality, timely, and competent IT and security services tailored to banking and insurance sectors. Their service portfolio includes security technology, banking technology, print management, IT services, and telecommunications. The website content and branding consistently reflect their business focus and certifications, including ISO 9001 and ISO 27001, underscoring their commitment to quality and security. Technically, the website is built on WordPress with Apache server infrastructure and uses jQuery and custom JavaScript for interactivity. DNS is managed via Cloudflare secondary nameservers, but the SSL/TLS configuration is critically lacking, with no valid certificate installed and no TLS protocols enabled, which severely impacts the security posture. Performance metrics indicate slow loading, and while mobile optimization is good, accessibility and SEO optimizations are basic. Security-wise, the site implements several important HTTP security headers such as Content Security Policy, X-Frame-Options, and X-XSS-Protection, but these are undermined by the absence of HTTPS. The lack of OCSP stapling, session resumption, and certificate transparency compliance further weakens the security stance. No cookie consent mechanism or incident response contact information is present, which may affect privacy compliance and incident handling readiness. Overall, the website demonstrates a moderate level of professionalism and business credibility but suffers from critical security configuration issues that must be addressed urgently. Strategic improvements in SSL/TLS deployment, privacy compliance, and incident response transparency are recommended to enhance trust and security posture.

EREMA Engineering Recycling Maschinen und Anlagen Ges.m.b.H. is a leading Austrian manufacturer specializing in plastic recycling machinery and systems. Founded in 1983, the company has established itself as a global market leader with over 7000 systems deployed worldwide, producing millions of tons of recycled granulate annually. Their business model focuses on manufacturing innovative recycling machines, providing customer testing centers, and offering digital solutions to optimize recycling processes. The website reflects a professional and comprehensive digital presence targeting industrial clients and businesses in the recycling sector. Technically, the website employs modern frontend technologies including Bootstrap, jQuery, GSAP, and various UI libraries, hosted likely via A1 Telekom Austria infrastructure. However, the site lacks a valid SSL certificate and HTTPS support, which is a critical security shortfall. Performance data is missing, and while mobile optimization and SEO are good, accessibility is basic. Privacy and cookie policies are well implemented with consent mechanisms, indicating good GDPR compliance. From a security perspective, the absence of HTTPS and modern TLS protocols severely impacts the site's security posture, exposing users to potential risks. Other security headers and best practices are missing, and no incident response or vulnerability disclosure information is provided. The domain registration details align well with the company's claims, supporting legitimacy. Overall, while the business and content quality are excellent, the critical lack of HTTPS and SSL significantly lowers the security score and overall trustworthiness. Strategic improvements in security infrastructure are essential to protect users and maintain the company's reputable market position.

Z

zustellpartner.at

zustellpartner.at

0

zustellpartner.at is a specialized regional job platform based in Austria, focusing on providing self-employed newspaper and food delivery jobs primarily in the regions of Steiermark, Kärnten, and Osttirol. The website targets pensioners, students, job seekers, and early risers looking for flexible part-time work. The business model revolves around connecting job seekers with delivery opportunities on a self-employed basis, emphasizing flexible scheduling and local engagement. The site is well-positioned within its niche market, offering clear job listings and application pathways.

K

Konfigurator

druck-und-zustellung.at

0

The website druck-und-zustellung.at presents a minimalistic Angular-based configurator interface with no visible business content, contact information, or legal pages such as privacy policy or terms of service. The technical infrastructure includes modern frontend technologies like Angular and the Didomi Consent SDK for cookie consent management, but lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security deficiency. Security headers are partially implemented, but the absence of TLS protocols and cipher suites severely weakens the security posture. The domain registration appears consistent with an Austrian business presence, but the lack of visible business details and minimal content reduces trust and credibility. Overall, the site is functional but immature in content and security maturity.

H

Hill Woltron Management Partner GmbH

hill-woltron.com

0

Hill Woltron Management Partner GmbH is a well-established HR consulting and personnel placement firm operating primarily in Austria and Germany. With over 50 years of experience as an owner-managed family business, it offers a broad range of HR services including recruiting, personnel development, management audits, and employee surveys. The company targets both corporate clients and job candidates, leveraging a strong network and professional expertise to connect people with career opportunities. The website reflects a professional and consistent brand image with comprehensive content and clear navigation. Technically, the website is built on WordPress using Elementor as the page builder, supported by LiteSpeed Cache for performance optimization. It integrates Google Analytics and Google Tag Manager for analytics and marketing purposes. However, the website lacks HTTPS, which is a critical security shortfall. The site is mobile-optimized and SEO-friendly but suffers from slow performance due to missing SSL and possibly other optimizations. From a security perspective, the absence of a valid SSL certificate and HTTPS support significantly undermines the site's security posture. While no other major vulnerabilities or exposed sensitive data were detected, the lack of HTTPS exposes users to risks such as data interception. The site includes a GDPR-compliant privacy and cookie policy with a consent mechanism, but no explicit security policy or incident response information is available. Overall, Hill Woltron presents a credible and professional business with strong market positioning in HR services. The primary risk is the missing HTTPS, which should be addressed urgently to protect user data and improve trust. Strategic recommendations include implementing SSL/TLS, enhancing security headers, and publishing security and incident response policies to strengthen compliance and user confidence.

Magenta.at is the official website of T-Mobile Austria GmbH, a leading telecommunications provider in Austria offering mobile, internet, TV, and bundled services for both consumers and business customers. The website is professionally designed with rich content, clear navigation, and strong branding consistency. It targets a broad audience including private and business users, providing detailed product offerings and customer support resources. Technically, the site is built on Adobe Experience Manager with modern web technologies including AngularJS and jQuery, and integrates marketing and analytics tools such as Google Tag Manager and Usercentrics CMP. However, the website suffers from a critical security issue: the SSL certificate is invalid and no TLS protocols are enabled, severely impacting the security posture. Security headers are partially implemented, but improvements are needed to ensure secure communications. Privacy and cookie policies are present and GDPR compliant, with consent mechanisms in place. Contact information is available primarily via phone and web forms, but no direct company emails are published. Overall, the site is trustworthy and legitimate, with WHOIS data consistent with the company identity. Strategic security improvements are recommended to restore full HTTPS security and enhance user trust.

B

BDI Bioenergy

bdi-bioenergy.com

0

BDI-BioEnergy International GmbH is a medium-sized Austrian company specializing in technology development and industrial plant engineering focused on chemical recycling, bioenergy, and sustainable industrial solutions. The company positions itself as an innovative leader with a strong emphasis on research, development, and turnkey plant solutions for the circular economy. Their key services include biodiesel retrofit, advanced pretreatment, smart operations, biogas, and green technology solutions. The website is built on WordPress with a modern tech stack including Yoast SEO, WPML for multilingual support, and various plugins for user interaction and spam protection. However, the site lacks HTTPS, which is a critical security shortfall. Privacy and cookie policies are present and GDPR compliant, and contact information is clearly provided. The company holds ISO 9001:2015 certification, enhancing its credibility. Overall, the website is professional and well-structured but requires urgent security improvements to protect user data and enhance trust.

ENERGIEALLIANZ Austria GmbH is a well-established energy sales and trading company founded in 2001, serving millions of customers in Austria and abroad with electricity, natural gas, and related services. The website reflects a mature digital presence built on TYPO3 CMS with modern web technologies and a focus on sustainability and customer service. Security posture is strong with HTTPS, secure cookies, and OCSP stapling, though improvements like HSTS and security.txt could enhance it further. Privacy compliance is well addressed with clear cookie consent and a comprehensive privacy policy. Contact information is transparent and includes multiple channels. Overall, the site demonstrates professionalism, trustworthiness, and good technical implementation.

S

Steuerexperten Wien | Österreich

steuerexperten.at

0

Steuerexperten.at is a well-established Austrian tax consultancy and business advisory firm based in Vienna, offering a broad range of services including tax consulting, accounting, business immigration, and corporate services. The company targets both Austrian and international clients, leveraging a digital platform (steuerexperten.PRO) to enhance client engagement and document management. The website is professionally designed, multilingual, and rich in relevant content, reflecting a mature digital presence. Technically, the site is built on WordPress with modern plugins and frameworks, but suffers from a critical lack of valid SSL/TLS certification, exposing users to security risks. Privacy compliance is strong, with GDPR-aligned policies and cookie consent mechanisms in place. Contact information and trust signals such as certifications and testimonials are clearly presented, supporting business credibility. Overall, the site is functional and professional but requires urgent security improvements to protect client data and enhance trust.

X

x.test GmbH

xtest.at

0

x.test GmbH is a specialized company in electronic measurement technology based in Austria, founded in 2010. The company offers a range of products and consulting services focused on electronic measurement, emphasizing quality and customer trust. The website is built on WordPress with modern plugins and frameworks, providing a professional and user-friendly experience. However, the absence of an SSL certificate and HTTPS significantly impacts the security posture, exposing users to potential risks. The site implements GDPR-compliant cookie consent mechanisms and provides clear privacy and terms of service pages, reflecting good privacy compliance. Overall, the business appears legitimate and well-positioned in its niche, but security improvements are critical.

T

Thomas Ebenstein

ebenstein.info

0

The website represents Thomas Ebenstein, a professional tenor associated with the Wiener Staatsoper, serving as an artist portfolio and promotional platform. The site targets opera enthusiasts and event organizers, providing information about the artist and his season engagements. Technically, the site is built on WordPress using popular page builders like Elementor and WPBakery, hosted on viennacix.com infrastructure. While the design and content quality are good with proper SEO and mobile optimization, the site lacks a valid SSL certificate, which significantly impacts its security posture. Analytics tools such as Google Analytics and Jetpack Stats are used, with a cookie consent mechanism in place, indicating some level of privacy compliance. However, the absence of explicit contact information, security policies, and incident response details limits the site's trustworthiness and business credibility. Overall, the site is functional and professional but requires critical security improvements to enhance user trust and compliance.

W

Google Ads Agentur | Conversion-Optimierung | Wien, Krems

webperfect.at

0

Website security analysis completed with a risk score of 26/100.

Website security analysis completed with a risk score of 29/100.

Zeuxis & Parrhasius is a small retail e-commerce business specializing in handcrafted luxury wallpapers based in Vienna, Austria. The website is built on the Shopify platform, leveraging modern web technologies and optimized for mobile devices. The business targets customers seeking premium wallcoverings with worldwide shipping options. While the site demonstrates good design quality, clear navigation, and professional content, it lacks a valid SSL certificate, which significantly impacts its security posture. The presence of multiple payment options and partner affiliations adds trust signals, but the absence of a visible privacy policy and direct contact emails limits privacy compliance and user trust. Overall, the site is functional and professional but requires critical security improvements to enhance user safety and compliance.

A

AEROCOMPACT Europe GmbH

aerocompact.com

0

AEROCOMPACT Europe GmbH operates as a global provider of photovoltaic mounting solutions, specializing in intelligent solar racking systems for roofs and open spaces. The company positions itself as a dynamic pioneer in the energy transition sector, offering both physical products and digital planning tools such as the Aerotool platform. Their market presence is supported by multiple global offices and a comprehensive service portfolio targeting solar engineers, project developers, and wholesalers. Technically, the website is built on TYPO3 CMS and employs modern web technologies including Google Tag Manager, Swiper.js, and Globe.gl for interactive features. While the site is content-rich and well-structured with good SEO practices, performance metrics indicate slow loading times, and accessibility features are basic. Mobile optimization is good, ensuring usability across devices. From a security perspective, the site lacks a valid SSL certificate and does not properly support HTTPS, which is a critical vulnerability. Security headers are minimal, and modern TLS protocols are not enabled. Despite these issues, the site uses secure cookies and has implemented privacy and cookie policies compliant with GDPR. Analytics and marketing tools are in use, with moderate user tracking. Overall, the website demonstrates strong business credibility and content quality but suffers from significant security shortcomings that must be addressed to protect user data and maintain trust. Strategic improvements in SSL/TLS configuration and security headers are recommended to elevate the security posture and compliance level.

O

Okto Community TV

okto.tv

0

Okto.tv is a community television platform based in Austria, focused on providing a space for media creators to develop and share their content. The website offers video streaming, live TV, workshops, and community engagement features. It targets local and cultural content creators and viewers, operating as a niche media broadcaster with a small organizational size and a mature domain age of 19 years. Technically, the site uses modern JavaScript libraries, Google Tag Manager, and Usercentrics CMP for cookie consent, but lacks a valid SSL certificate and proper HTTPS configuration, which is a critical security gap. The security posture is weak due to missing TLS protocols, HSTS, and other security headers. Privacy compliance is good with clear policies and consent mechanisms. The site lacks explicit contact information and incident response details, which impacts business credibility. Overall, the site is functional and content-rich but requires urgent security improvements to protect user data and enhance trust.

M

M.O.O.CON GmbH

moo-con.com

0

M.O.O.CON GmbH is a leading consulting firm specializing in sustainable buildings, service, and change processes. The company focuses on creating identity-forming work, learning, and cultural environments that contribute significantly to business success, user satisfaction, and environmental sustainability. Their market position is strong within the German-speaking region, targeting corporate clients across various sectors including facility management, human resources, and organizational development. The website reflects a professional and comprehensive presentation of their services and projects, supported by active social media engagement and content marketing through blogs and whitepapers. Technically, the site is built on TYPO3 CMS with modern web fonts and widgets, but suffers from critical security shortcomings due to the absence of a valid SSL certificate and HTTPS support. This exposes visitors to potential risks and undermines trust. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the business credibility and content quality are high, but urgent security improvements are necessary to align with best practices and protect user data.

L

Leube: Leube | Ihr Partner für Baustoffe und Betonteile

leube.at

0

Website security analysis completed with a risk score of 27/100.

O

ÖAG - Wir sind die Traditionsmarke am österreichischen Sanitärmarkt und bevorzugter Partner für über 7.000 Installateure, Planer, Architekten und Bauherren im Bereich Sanitär, Heizung und Rohinstallat

oeag.at

0

Website security analysis completed with a risk score of 36/100.

S

Wir machen Räume lebendig | SIBU Design

sibu.at

0

Website security analysis completed with a risk score of 26/100.

B

Biofaction KG

biofaction.com

0

Biofaction KG is a small interdisciplinary research and science communication company based in Austria, specializing in emerging sciences, technologies, and art-science collaborations. The company offers a range of services including research projects, integrated communication, public engagement events, training, and media production. Their market position is niche, focusing on bridging science and society through innovative communication and artistic approaches. The website is built on WordPress using the Divi theme and incorporates modern web technologies such as PHP 8 and jQuery, with integrations for Mailchimp and Contact Form 7 for marketing and contact purposes. However, the site lacks HTTPS, which is a critical security vulnerability that undermines user trust and data protection. Privacy and cookie policies are present and appear GDPR compliant, with clear contact information and social media presence enhancing business credibility. Performance data is missing, suggesting potential issues with site speed or monitoring. Overall, the site is professionally designed and content-rich but requires urgent security improvements to meet modern standards.

M

MarineXchange Software GmbH

marinexchange.com

0

MarineXchange Software GmbH operates a comprehensive enterprise software platform, MXP365, tailored for the cruise industry. The company provides a wide range of modules and digital solutions designed to enhance operational efficiency and guest experience onboard cruise ships. Positioned as a leading technology provider in this niche, MarineXchange leverages partnerships and acquisitions, such as Bytepoets, to expand its capabilities and market reach. The website reflects a mature digital presence with professional design and rich content targeting cruise lines and hospitality stakeholders. Technically, the website is built on WordPress using Elementor and Yoast SEO, indicating a modern CMS infrastructure with SEO and user experience considerations. However, performance metrics are lacking, and the site shows slow loading characteristics. Mobile optimization is good, but accessibility features are basic. The site integrates analytics and cookie consent tools, demonstrating awareness of privacy compliance. Security posture is a significant concern due to the absence of HTTPS and SSL certificates, lack of HSTS, and missing DNSSEC and CAA records. While no active vulnerabilities or malware are detected, the lack of encryption exposes users to risks and undermines trust. Privacy policies and cookie consent mechanisms are well implemented, supporting GDPR compliance. Overall, MarineXchange presents a credible and professional business with strong market positioning but must urgently address critical security gaps to protect its users and maintain trust. Strategic improvements in security infrastructure and performance optimization are recommended to align with industry best practices.

M

mlu-recordum Environmental Monitoring Solutions GmbH

recordum.com

0

JCT NextGen AQMS is a specialized provider of air quality monitoring solutions, leveraging the acquisition of mlu-recordum to offer innovative and cost-effective environmental monitoring products. The company operates under the JCT Group umbrella, which includes subsidiaries focused on gas sampling, liquid sampling, and process analytics. The website presents a professional and consistent brand image targeting industrial and environmental sectors, primarily in Austria. Technically, the site is built on WordPress with Elementor and uses Borlabs Cookie for GDPR-compliant cookie management. However, the absence of a valid SSL certificate and HTTPS implementation is a significant security shortfall. While privacy policies and contact information are well presented, the lack of explicit security policies, incident response, and vulnerability disclosure pages indicates room for improvement in security transparency. Overall, the site is functional and informative but requires urgent security enhancements to protect users and improve trust.

T

tipp3 Sportwetten Österreich

tipp3.at

0

tipp3.at is a well-established Austrian sports betting platform, operating since 2001 and owned by Österreichische Lotterien. It offers a wide range of sports betting options including live betting, classic bets, and special bet types, targeting primarily Austrian sports bettors. The website features a professional design with clear navigation and extensive content covering numerous sports and events. Technically, the platform uses modern JavaScript frameworks and integrates with Sportradar for live data, but lacks a valid SSL certificate and proper TLS support, which is a significant security concern. Privacy compliance is strong with clear policies and consent mechanisms in place. Overall, the site is trustworthy and professional but needs urgent improvements in its security infrastructure.

Q

QimiQ Handels GmbH

qimiq.com

0

QimiQ Handels GmbH operates a well-established retail website focused on food products and cooking ingredients, targeting both consumers and professional chefs. The company offers a range of products such as QimiQ Classic, Sahne-Basis, Whip, Vegan, and Tiramisu, complemented by recipe content, professional workshops, and a newsletter. The website is multilingual and professionally designed, reflecting a consistent brand presence and active engagement through social media and marketing tools. Technically, the site is built on WordPress with modern plugins and frameworks, leveraging Cloudflare for CDN and caching. However, a critical security gap exists due to the absence of HTTPS/SSL, exposing users to potential risks. Privacy compliance is strong, with comprehensive policies and consent mechanisms in place. Overall, the site demonstrates good business credibility and user experience but requires urgent security improvements.

Austria Trend Hotels is a well-established hospitality company operating multiple hotels across Austria and Slovenia, targeting both leisure and business travelers. The website provides comprehensive hotel listings, booking capabilities, and event services, supported by a modern technical infrastructure including Pimcore CMS and various tracking and marketing tools. However, the lack of a valid SSL certificate is a critical security weakness that undermines user trust and data protection. Privacy and cookie policies are well implemented with consent mechanisms, and contact information is clearly presented. Overall, the site demonstrates strong business credibility and user experience but requires urgent security improvements.

S

Strolz GmbH

strolz.at

0

Strolz GmbH is a well-established Austrian retail and rental company specializing in alpine sports equipment and fashion, with a history dating back to 1921. The company operates a multi-floor flagship store in Lech am Arlberg and offers a wide range of services including ski and snowboard rental, fitting, and bike rental. Their market position is that of a premium, exclusive provider catering to winter sports enthusiasts and fashion-conscious customers. Technically, the website employs modern JavaScript frameworks such as Vue.js, integrates with Google Analytics and Tag Manager, and uses a Magnolia CMS. However, a critical security gap exists due to the absence of a valid SSL certificate, exposing users to potential risks. Privacy and cookie policies are well implemented with consent mechanisms, reflecting good GDPR compliance. Overall, the business demonstrates strong credibility and professionalism but must address its SSL/TLS configuration urgently to improve security posture and user trust.

B

bfi-kaernten.at

bfi-kaernten.at

0

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 9 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

aheadmedia.com is a small media and design company based in Vienna, Austria, focusing on creative and media services. The website content is minimal and uses outdated web technologies, indicating a low level of digital maturity. The technical infrastructure is basic, hosted on Apache with no modern CMS or frameworks detected. Security posture is weak due to the absence of HTTPS and valid SSL certificates, exposing visitors to potential risks. No privacy or cookie policies are present, and no contact information is provided, which impacts trust and compliance negatively. Overall, the website presents a low level of professionalism and security readiness.

P

premotion.at

premotion.at

0

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 13 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

The website infoscreen.at is currently inaccessible, returning a 403 Forbidden error page with minimal HTML content. This prevents any meaningful content or metadata extraction. The domain is registered and DNS records indicate active hosting and email services, but the lack of a valid SSL certificate and HTTPS support severely impacts the security posture. No privacy, cookie, or terms of service policies are present, and no contact or business information is available on the site. Overall, the website appears to be either under maintenance, restricted, or misconfigured, resulting in a poor user experience and low trustworthiness.

K

Kulturformat

kulturformat.at

0

Kulturformat is a medium-sized Austrian media company specializing in cultural advertising formats such as City Lights, Telelights, and various poster and column advertising solutions. The website is built on Drupal 10 and hosted via Amazon CloudFront CDN, indicating a modern infrastructure. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the site's security posture. Privacy and cookie policies are well implemented and GDPR compliant, reflecting good privacy awareness. The site offers clear navigation and professional design, targeting businesses and organizations interested in cultural advertising in Austria. Social media presence is limited to LinkedIn, and contact is primarily through web forms. Overall, the site is functional and professional but requires urgent security improvements.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 10 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.