Security Directory

M

Mag. Boris Zalokar & Elke Blümel-Zalokar, MSc

ambros-zalokar.at

0

The website ambros-zalokar.at represents a small healthcare service provider specializing in psychological therapy, coaching, biofeedback, and corporate health management primarily serving clients in Austria. The business is positioned as a regional psychological practice with a focus on both individual and corporate clients, offering a broad range of mental health and workplace wellness services. The website content is well-structured, professionally presented, and provides clear contact information and service descriptions, targeting individuals and companies seeking psychological and health management support. Technically, the site is built on the IONOS MyWebsite CMS platform, leveraging Apache server technology and CDN services for content delivery. However, the site lacks HTTPS support due to an invalid or missing SSL certificate, which critically impacts security posture and user trust. Performance metrics are not provided, but the site is likely slow given the chunked transfer encoding and lack of optimization indicators. Mobile optimization is good, and basic SEO practices are in place, though accessibility features are minimal. From a security perspective, the absence of HTTPS and modern TLS protocols is a significant vulnerability. While some security headers are present, the lack of SSL/TLS encryption, HSTS, and incident response contact information exposes the site to risks. No privacy or cookie policies are published, indicating non-compliance with GDPR and related privacy regulations. No analytics or tracking scripts were detected, suggesting minimal user tracking. Overall, the website presents a credible business with professional content but suffers from critical security and privacy compliance gaps. Strategic improvements in SSL deployment, privacy policy publication, and security best practices are essential to enhance trust and protect user data.

Coveris is a large manufacturing company specializing in sustainable, high-performance packaging solutions across multiple sectors including food, medical, pet food, agriculture, and industrial markets. The company operates extensively in the EMEA region with over 4,000 employees and 28 sites, emphasizing sustainability and innovation through initiatives like their No Waste strategy and ReCover recycling program. The website reflects a professional corporate presence with comprehensive content and legal compliance documentation. Technically, the site uses Apache on Ubuntu, with Enhavo CMS and integrates Cookiebot for consent management and Google Maps API for location services. However, the lack of a valid SSL certificate and HTTPS implementation is a critical security shortfall, significantly impacting the site's security posture. Despite this, no WAF or blocking mechanisms are detected, and the site is fully accessible. The WHOIS data aligns with the business claims, showing consistent registration without privacy protection, supporting legitimacy. Overall, the site demonstrates good content quality and business credibility but requires urgent security improvements to meet modern standards.

W

Website Information

wozabal.com

0

The website wozabal.com is currently parked or under construction, displaying only a minimal placeholder page indicating it is managed or parked by T-Mobile Austria GmbH. There is no substantive business content, contact information, or policies available on the site. The domain has valid DNS records and mail exchange configured with Outlook services, indicating legitimate domain registration and hosting. However, the lack of SSL/TLS certificate means the site is served over unencrypted HTTP, which is a significant security concern. No security headers or privacy compliance mechanisms are present, and the site performance is slow with minimal resources loaded. Overall, the website lacks essential elements for trust, security, and user engagement, resulting in a low security and compliance posture.

K

Kammer für Arbeiter und Angestellte für Wien

akwien.at

0

The website akwien.at represents the Kammer für Arbeiter und Angestellte für Wien, a government-related non-profit organization advocating for workers' rights and social services in Vienna, Austria. The site offers comprehensive information and services including legal advice, consumer protection, educational resources, and digitalization funding. It targets employees and workers in Vienna, providing a rich content experience with clear navigation and strong branding. Technically, the site is built on a Gentics Portal CMS with a modern tech stack including jQuery, Bootstrap, Matomo Analytics, and Usercentrics for consent management. Hosting is provided by Anexia. While the site is mobile optimized and accessible, performance metrics indicate slow loading, and the SSL/TLS configuration is currently invalid, which is a critical security concern. Security posture is moderate with several security headers implemented, but the lack of a valid SSL certificate and disabled TLS protocols significantly reduce the security score. Privacy compliance is good, with a clear privacy policy and cookie consent mechanism in place. Business credibility is high due to consistent branding, official contact information, and alignment with WHOIS data. Overall, the site is a professional and trustworthy resource for workers in Vienna but requires urgent improvements in SSL/TLS configuration and performance optimization to enhance security and user experience.

M

Mixed Reality I/O

mixed-reality.io

0

Mixed Reality I/O operates a professional and content-rich website focused on augmented reality, virtual reality, 3D modeling, and AI consulting and development services. The company targets businesses seeking spatial computing strategies and innovative digital experiences. Their market position is supported by a history dating back to 2008, international experience, and notable client partnerships. Technically, the website is built on WordPress with a modern plugin ecosystem, supporting multilingual content and interactive 3D models. However, the absence of HTTPS and proper SSL configuration represents a critical security vulnerability, exposing users to risks and undermining trust. Privacy compliance is addressed with cookie consent and a comprehensive privacy policy, but incident response and security policies are not evident. Overall, the website demonstrates strong business credibility and user experience but requires urgent security improvements to meet industry standards.

O

Otago Online Consulting GmbH

contentcook.at

0

Otago Online Consulting GmbH is a well-established Austrian online marketing agency specializing in SEO, SEA, social media marketing, display and video advertising, and data analytics. The company has a strong market position with a clear growth strategy including acquisitions such as Content Cook. Technically, the website is built on WordPress with modern marketing and analytics tools integrated, but lacks a valid SSL certificate, which is a critical security gap. The security posture is basic with no advanced headers or incident response information published. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the website is professional and trustworthy but urgently needs to implement HTTPS to improve security and trust.

A

Agenda Austria

agenda-austria.at

0

Agenda Austria is an established independent think tank based in Austria, focusing on economic and socio-political research and analysis. The organization provides a variety of content including publications, graphics, podcasts, and events aimed at policymakers, academics, and the interested public. Their market position as the first independent think tank in Austria specializing in these areas is supported by a consistent and professional online presence. Technically, the website is built on WordPress with a modern tech stack including caching, SEO optimization, and consent management tools. The site is well-structured, mobile-optimized, and offers good user experience with clear navigation and rich content. However, the SSL/TLS configuration is currently inadequate, lacking a valid certificate and modern protocol support, which poses a security risk. Security-wise, the site implements several important HTTP security headers and uses reCAPTCHA for form protection, but the absence of valid HTTPS and modern TLS protocols significantly lowers its security posture. Privacy compliance is strong, with clear privacy and cookie policies and GDPR-compliant consent mechanisms. Overall, the website is trustworthy and professional but requires urgent improvements in SSL/TLS security to protect user data and enhance trust. Strategic recommendations include obtaining a valid SSL certificate, enabling modern TLS protocols, and enhancing domain security with DNSSEC and CAA records.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2, dnsHealth. 7 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

H

HAAI GmbH

haai.at

0

HAAI GmbH is a medium-sized Austrian company specializing in providing innovative hardware, software, and IT services primarily targeting enterprises and small to medium businesses. The company positions itself as a trusted partner with exclusive partnerships with major technology brands such as A1, Apple, Microsoft, and Samsung, offering comprehensive device management and telecommunications solutions. Their business model focuses on B2B services including Device as a Service (DaaS), logistics, and IT security solutions. Technically, the website is built on WordPress with modern plugins and uses Cloudflare for CDN and security. However, a critical security gap exists due to the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the security posture. The site implements GDPR-compliant cookie consent via Usercentrics and uses Google Tag Manager for analytics, reflecting a moderate level of privacy compliance. Overall, the website is professionally designed with good content quality and clear navigation, but the lack of HTTPS is a major risk that should be addressed promptly.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 11 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 17 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 12 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

A

Altstoff Recycling Austria

ara.at

0

Altstoff Recycling Austria (ARA) is a leading non-profit organization in Austria specializing in circular economy and recycling services, particularly for packaging, electrical devices, and batteries. The website presents comprehensive information about their services, target audiences (businesses and consumers), and their role as a market leader in Austria. The technical infrastructure uses modern web technologies such as nginx, htmx, and lazy loading, hosted on Azure DNS. However, the site lacks HTTPS, which is a critical security deficiency. Security headers are well configured, but the absence of SSL/TLS significantly lowers the security posture. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanism. Overall, the website is professional, content-rich, and trustworthy but requires urgent security improvements to enable HTTPS and enhance user trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 10 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 14 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 11 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 15 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 9 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 14 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 11 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 12 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 9 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth. Failed to analyze: securityHeaders, gdpr, nis2, networkSecurity. 11 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

S

SST Steuerungstechnik GmbH

sst.at

0

SST Steuerungstechnik GmbH is a small Austrian manufacturing company specializing in control technology for industrial machinery. Their services include control system engineering, project consulting, commissioning, prototyping, and series production, targeting industrial sectors such as automotive and warehouse technology. The website content is professionally presented in German, with clear navigation and relevant business information, although it lacks privacy and cookie policies. Technically, the website runs on PHP 8.1.32 with nginx and is likely hosted by Liwest ISP in Austria. However, the site lacks HTTPS support and a valid SSL certificate, which severely impacts its security posture. No modern security headers or protocols are implemented, and performance data suggests slow loading. The site does not use analytics or marketing tools, indicating minimal user tracking. From a security perspective, the absence of HTTPS and security headers exposes visitors to risks such as data interception. The lack of privacy and cookie policies also indicates non-compliance with GDPR requirements. No incident response or vulnerability disclosure information is provided, limiting transparency. Overall, the website is functional and provides essential business contact details but requires urgent improvements in security and privacy compliance to enhance trustworthiness and protect users.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 15 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 9 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

din – Dietmar Nocker Sicherheitstechnik GmbH & Co KG is a medium-sized Austrian company specializing in emergency lighting solutions with over 40 years of industry experience. The company offers a comprehensive portfolio including product development, systems, and service support, targeting businesses requiring compliant emergency lighting. Their market position is strong in Austria and neighboring countries, supported by multiple locations and a professional online presence. Technically, the website is built on WordPress with multilingual support and privacy-conscious analytics via Matomo. However, the lack of a valid SSL certificate and HTTPS implementation is a critical security shortfall, exposing users to risks and undermining trust. The company demonstrates good privacy compliance with detailed cookie consent mechanisms and GDPR-aligned policies. Overall, the business is credible and professional but must urgently address its security posture to protect users and maintain trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Folyo GmbH operates a specialized out-of-home advertising platform focused on measurable vehicle advertising using premium electric and hybrid vehicles. Their business model emphasizes performance-driven campaigns with pay-per-impression pricing, targeting brands, agencies, and professional drivers primarily in Austria. The website presents a professional and consistent brand image with clear service offerings including vehicle branding, in-car digital screens, and creative add-ons such as product sampling and urban gamification. Technically, the site is built on Bitrix CMS and served via LiteSpeed, incorporating common web technologies like jQuery and Google Fonts. However, the absence of a valid SSL certificate and lack of HTTPS significantly undermine the security posture. Security headers are minimal, and no advanced security or incident response policies are publicly disclosed. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism detected. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

Vienna Capital Partners (VCP) is an established independent corporate finance advisory firm operating primarily in Central, Eastern, and Southeastern Europe with offices in Vienna and Warsaw. The company specializes in mergers and acquisitions, strategic advisory, capital advisory, and related financial services targeting large and mid-sized corporations, private equity funds, entrepreneurs, and family offices. Their market position is strong within their niche, supported by a professional website showcasing detailed transaction references and senior professionals. Technically, the website is built on WordPress with common plugins and frameworks but suffers from an invalid SSL certificate, which undermines its security posture. The site is mobile optimized and provides clear contact information but lacks advanced security headers and explicit security or incident response policies. Overall, the business credibility is good, but security improvements are necessary to enhance trust and compliance.

Berufsförderungsinstitut Burgenland (BFI Burgenland) is a regional vocational education and training provider based in Austria, specializing in continuing education, certifications, and workforce development services. The website targets individuals seeking professional development and companies aiming to qualify their workforce. The business holds several certifications and maintains a consistent brand presence with clear contact information and social media engagement. Technically, the site is built on the Contao CMS platform, utilizing common JavaScript libraries and hosted on servers associated with your-server.de and second-ns.de DNS providers. However, the website lacks a valid SSL certificate and HTTPS configuration, which is a critical security shortfall. Security headers are partially implemented, and cookie consent mechanisms are in place, indicating some privacy compliance efforts. Overall, the site offers good content quality and user experience but requires urgent security improvements to protect user data and enhance trust.

LiSEC is a well-established Austrian manufacturer specializing in flat glass processing machinery and related software solutions. With over six decades of experience and a strong global export presence, LiSEC positions itself as a technology leader in the manufacturing sector, offering robust, innovative, and high-quality products. The company supports its customers with comprehensive after-sales services, training, and digital tools, emphasizing long-term partnerships and trust. Technically, the website is built on the TYPO3 CMS platform, hosted behind Amazon CloudFront CDN, and integrates marketing and analytics tools such as HubSpot and Google Tag Manager. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts the site's security posture. Privacy and cookie policies are present and appear GDPR compliant, supporting responsible data handling practices. Overall, the website demonstrates strong business credibility and professional presentation but requires urgent security improvements to protect user data and maintain trust.

M

Microtronics Engineering GmbH

microtronics.at

0

Microtronics Engineering GmbH is a medium-sized Austrian company specializing in technology solutions for environmental technology and energy management. Their offerings include advanced data loggers, sensors, and an IoT platform designed for reliable data transmission even in harsh environments. The company has a strong international presence with partners in 80 countries and a focus on B2B markets in energy and environmental sectors. Technically, the website is built on WordPress with WooCommerce and Elementor, integrating marketing and analytics tools such as HubSpot and Google Analytics. However, the security posture is weak due to the absence of a valid SSL certificate and lack of modern TLS protocols, which poses risks to data confidentiality and user trust. Privacy compliance is well addressed with comprehensive policies and consent mechanisms. Overall, the website is professional and trustworthy but requires urgent improvements in SSL/TLS security to protect users and enhance credibility.

Website security analysis completed with a risk score of 40/100.

Hoval Österreich operates as a leading provider of technologically advanced heating and climate control solutions in Austria, targeting both residential and commercial sectors. Their product portfolio includes heating systems for heat pumps, oil, gas, biomass, and solar, complemented by climate technology solutions for heating, cooling, and ventilation. The company maintains a strong market position supported by a comprehensive website that offers detailed product information, customer references, and service options including customer support and online ordering via myHoval. Technically, the website is built on the SAP Commerce (Hybris) platform, integrating modern marketing and analytics tools such as Google Tag Manager, Google Analytics, and OneTrust for cookie consent management. However, performance is moderate with slow DNS resolution and no page size or load time data available. Mobile optimization and SEO are well addressed, but accessibility is basic. From a security perspective, the site lacks a valid SSL certificate and does not support modern TLS protocols, significantly weakening its security posture. While security headers like HSTS, X-Frame-Options, and XSS protection are present, the absence of a valid certificate and weak SSL/TLS configuration are critical issues. Privacy compliance is strong with clear privacy and cookie policies and GDPR adherence. Contact information is available but lacks explicit security policy or incident response details. Overall, the website is professional and trustworthy from a business and content perspective but requires urgent improvements in SSL/TLS configuration to enhance security and user trust. Strategic recommendations include fixing the SSL certificate, enabling modern TLS versions, and tightening CORS policies.

S

Stadtgemeinde Amstetten

amstetten.at

0

The website amstetten.at serves as the official online portal for the Stadtgemeinde Amstetten, a municipal government entity in Austria. It provides residents and visitors with comprehensive information about city administration, services, events, and public resources. The site targets local citizens and stakeholders, offering key services such as event announcements, service directories, job postings, and public transportation information. The business model is that of a government entity focused on public service delivery and community engagement. Technically, the website is built on the WordPress CMS platform, utilizing common plugins such as Yoast SEO for search optimization, WP Statistics for analytics, and Complianz for GDPR-compliant cookie management. The site employs Apache as the web server and includes JavaScript libraries like jQuery and RoyalSlider for interactive features. While the site is mobile-optimized and accessible, performance data is incomplete, and the site currently lacks a valid SSL certificate, resulting in no HTTPS support. From a security perspective, the absence of a valid SSL certificate is a critical vulnerability, exposing users to potential data interception risks. The site does not implement modern TLS protocols, HSTS, or OCSP stapling, which are essential for secure communications. However, no known vulnerabilities such as Heartbleed or POODLE were detected. Privacy compliance is strong, with a clear cookie consent mechanism and a comprehensive privacy policy aligned with GDPR requirements. Overall, the website is a well-structured and professionally maintained municipal portal with good content quality and user experience. The primary risk lies in the lack of HTTPS, which should be addressed urgently to protect user data and enhance trust. Strategic recommendations include implementing a valid SSL certificate, enabling modern security protocols, and enhancing security headers to improve the site's security posture and compliance.

K

Kröswang GmbH

kroeswang.at

0

Kröswang GmbH operates as a leading Austrian wholesale supplier specializing in fresh and frozen food products for the gastronomy and retail sectors. The company maintains a strong market presence with multiple locations and a comprehensive online shop targeting business customers primarily in Austria and Germany. Their business model focuses on B2B supply with emphasis on freshness and quality, supported by a broad product range and reliable 24-hour delivery service. Technically, the website is built on TYPO3 CMS with modern marketing and analytics integrations, including Google Tag Manager and Hotjar, providing a solid digital infrastructure. However, the absence of a valid SSL/TLS certificate and lack of HTTPS severely undermines the security posture, exposing users and business operations to significant risks. While privacy and cookie policies are well implemented and GDPR compliant, the lack of published security policies and incident response mechanisms indicates room for improvement in governance. Overall, the site is professional and content-rich but requires urgent security upgrades to protect business and customer data effectively.

R

Redline Enterprise GmbH

redlineenterprise.com

0

Redline Enterprise GmbH is a leading Austrian full-service provider specializing in event technology, offering comprehensive solutions including lighting, sound, video, LED technology, live streaming, and stage and rigging construction. The company serves a diverse clientele including international brands, renowned events, and top musical acts, positioning itself as a trusted partner in the media and event production industry. Their website is professionally designed, content-rich, and targets event organizers, corporate clients, and production companies. Technically, the site runs on TYPO3 CMS with modern PHP and uses common web technologies such as jQuery and Bootstrap. However, the absence of a valid SSL certificate and proper HTTPS configuration significantly impacts their security posture. While security headers are partially implemented, critical improvements are needed to secure user data and communications. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the website reflects a medium-sized enterprise with a solid market position but requires urgent security enhancements to align with best practices.

E

EQUES Advisors

equesadvisors.com

0

EQUES Advisors is a boutique advisory firm based in Vienna, Austria, specializing in transforming potential into growth by connecting investors, projects, and ideas. The firm emphasizes trust, discretion, and strategic alignment to facilitate successful business partnerships. Their key services include investor search and selection, information and knowledge search, real estate advisory, and strategic business development. The website reflects a professional and consistent brand image targeting investors and businesses seeking advisory services. Technically, the site is built on the Wix platform using modern JavaScript frameworks like React, but lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security concern. The site has basic mobile optimization and SEO metadata but lacks comprehensive privacy and cookie policies, impacting privacy compliance. Security headers are partially implemented, but the absence of SSL and modern TLS protocols significantly lowers the security posture. Overall, the website is functional and professional but requires urgent improvements in security and privacy compliance to enhance trust and protect user data.

Pension Gatterhof is a small hospitality business located in Riezlern, Kleinwalsertal, Austria, offering holiday apartments and rooms with breakfast and hotel services. The website is built on TYPO3 CMS with a modern responsive design and includes online booking capabilities and social media integration. However, the site lacks a valid SSL certificate, exposing visitors to security risks and reducing trust. Privacy and cookie policies are present but basic, and no explicit security or incident response policies are found. The domain registration is consistent with the business claims and shows a stable history since 2008. Overall, the website provides a good user experience but requires significant security improvements to protect users and enhance credibility.

R

Home

relocation.at

0

Security assessment completed with an overall score of 0/100 (unknown risk). 4 critical issues require immediate attention. Total of 33 security findings identified across all modules.

A

AutomationX GmbH

automationx.com

0

AutomationX GmbH is a mature, medium-sized Austrian company specializing in automation solutions for manufacturing, food, construction, and infrastructure sectors. Their business model focuses on consulting, system integration, service, and development of automation software and hardware, targeting industrial clients. The website reflects a professional and consistent brand presence with clear service offerings and international project experience. Technically, the site is built on the Contao CMS with Apache server hosting by graz4u.at, using common web technologies like jQuery and Google Tag Manager. However, the site lacks a valid SSL certificate and modern TLS support, which significantly impacts security posture. Cookie consent mechanisms and privacy policies are present but basic. Overall, the site is functional but requires critical security improvements to meet modern standards.

T

T3K-Forensics GmbH

t3k-forensics.com

0

T3K-Forensics GmbH operates the website t3k-forensics.com, presenting itself as a global leader in AI-powered digital forensic solutions, primarily serving law enforcement and private enterprises. Their key offerings include AI-based media classifiers designed to detect illicit content such as child sexual abuse material, terrorism-related content, and other harmful media. The company emphasizes its expertise in expert witness work and digital forensics consulting, leveraging machine learning to accelerate investigations and reduce emotional burdens on investigators. The website is professionally designed, with clear navigation and comprehensive content about their products and partnerships.

H

Hotel Elisabeth

hotel-elisabeth-tirol.com

0

Hotel Elisabeth is a well-established family hotel located in Kirchberg, Tyrol, Austria, offering a blend of traditional hospitality and modern amenities including wellness spa, outdoor activities, and event hosting. The website reflects a strong market position targeting families and multi-generational guests seeking a premium alpine experience. Technically, the site is built on TYPO3 CMS with integrations for marketing and consent management, but suffers from critical security shortcomings due to the absence of a valid SSL certificate and disabled TLS protocols. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the site is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

W

WOMEN AGAINST VIOLENCE EUROPE

wave-network.org

0

WOMEN AGAINST VIOLENCE EUROPE (WAVE) is a well-established non-profit network comprising over 180 European women’s NGOs dedicated to preventing and protecting women and children from violence. The organization focuses on capacity building, advocacy, research, and awareness raising, positioning itself as a leading entity in the European women's rights sector. Their website reflects a professional and content-rich platform targeting NGOs, professionals, policymakers, and the general public interested in gender equality and violence prevention. Technically, the website is built on WordPress with a modern plugin ecosystem including Gravity Forms, Event Tickets, and MemberPress. While the design and content quality are excellent, technical performance is moderate, and mobile optimization is good. The site uses Matomo for analytics and Borlabs Cookie for privacy compliance, indicating a mature approach to user data and consent. Security-wise, the site suffers from a critical issue: an invalid or missing SSL certificate, resulting in no active TLS protocols and weak encryption posture. Although some security headers are present, the lack of proper HTTPS implementation significantly lowers the security score. Privacy and cookie policies are comprehensive and GDPR compliant, with clear contact information and consent mechanisms. Overall, the site is trustworthy and professionally managed but requires urgent remediation of SSL/TLS issues to ensure secure user interactions and maintain credibility. Strategic improvements in security infrastructure will enhance user trust and compliance with modern web standards.

S

Softsolution GmbH

softsolution.at

0

Softsolution GmbH, in partnership with LiteSentry LLC, operates as a leading provider of automated quality assurance systems for the glass industry. Their solutions focus on precision inspection technologies that detect defects in glass manufacturing, enhancing production efficiency and product quality. The company maintains a strong global presence with over 3,000 systems installed worldwide and offices in Austria and the USA. Their website reflects a professional and comprehensive digital presence, supporting multiple languages and showcasing extensive product and project information. Technically, the website is built on WordPress with modern plugins and libraries such as jQuery, Slick Slider, and Borlabs Cookie for privacy management. Hosting is provided via Cloudways with Cloudflare CDN integration. However, the absence of a valid SSL certificate and lack of modern TLS protocols significantly weaken the security posture, exposing the site to potential risks. Privacy compliance is well addressed with clear cookie consent mechanisms and a comprehensive privacy policy. Security evaluation reveals critical issues including no HTTPS support, no HSTS, and no OCSP stapling, which are essential for secure communications. Despite these, the site employs some best practices like HttpOnly and Secure cookie flags and uses a reputable CDN. The overall risk is moderate but requires urgent remediation of SSL/TLS issues to protect user data and maintain trust. Strategically, the company should prioritize implementing a valid SSL certificate and modern security protocols, enhance incident response visibility, and continue leveraging their strong market position and trust indicators to maintain competitive advantage.