Security Directory

F

F/LIST

f-list.at

0

F/LIST is a well-established Austrian family business specializing in luxury interior outfitting for business jets, private jets, and high-end living spaces such as hotels. The company emphasizes craftsmanship, innovation, and premium materials, positioning itself as a global leader in the luxury interiors market. The website reflects a professional and consistent brand image with multilingual support and rich content tailored to its affluent target audience. Technically, the site is built on WordPress with modern plugins and libraries, hosted on Hostinger with LiteSpeed server technology. However, the security posture is weakened by the absence of a valid SSL certificate and lack of modern TLS protocol support, which critically impacts secure communications. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and a clear privacy policy. Contact information is transparent and includes multiple channels, enhancing business credibility. Overall, the site is functional and professional but requires urgent security improvements to meet modern standards.

NCM - net communication management GmbH is a specialized digital marketing agency based in Salzburg, Austria, focusing on the tourism and hospitality sector. The company offers a comprehensive suite of services including SEO, SEA, social media marketing, web design, and proprietary tourism tools to enhance online presence and lead generation for hotels. The website is professionally designed, content-rich, and well-structured, targeting German-speaking tourism businesses. Technically, the site uses modern frameworks and CMS (Contao) but critically lacks a valid SSL/TLS certificate, exposing it to security risks and undermining user trust. Security headers are properly configured, but the absence of HTTPS significantly lowers the security posture. Privacy compliance is strong with clear GDPR-aligned policies and cookie consent mechanisms. Contact information is transparent and accessible, supporting business credibility. Overall, the site demonstrates strong business maturity and digital presence but requires urgent security improvements to protect users and maintain trust.

S

SVD Büromanagement GmbH

svdgmbh.at

0

SVD Büromanagement GmbH is a medium-sized Austrian company specializing in providing comprehensive management and support services across multiple sectors including construction, procurement, IT, facility management, printing, information security, payroll, and legal services. The company primarily serves government and social insurance institutions, positioning itself as a key regional player with a strong focus on public sector needs. The website reflects a professional and consistent brand presence with clear navigation and relevant content tailored to its target audience of government agencies, suppliers, and job seekers. Technically, the site employs modern JavaScript libraries such as jQuery 3.6.0 and Jakarta Faces framework, hosted on Apache servers with a CMS likely based on Gentics. However, performance is slow and SSL/TLS security is critically lacking due to an invalid or missing certificate and disabled TLS protocols. Security headers are present but insufficient to compensate for the lack of HTTPS, resulting in a low security posture score. Privacy compliance is strong with comprehensive privacy and cookie policies and an active consent mechanism. Contact information is clearly provided, enhancing business credibility. Overall, the site is functional and professional but requires urgent security improvements to protect user data and build trust.

E

EBNER Industrieofenbau GmbH

ebner.cc

0

EBNER Industrieofenbau GmbH is a well-established global leader in manufacturing heat treatment furnace facilities for the steel, aluminum, and copper base metal industries. The company is family-owned, founded in 1948, and headquartered in Austria. Their website reflects a mature digital presence with multilingual support, professional content, and clear business information targeting industrial B2B customers. Technically, the site runs on WordPress with modern plugins and Cloudflare CDN, but suffers from critical SSL/TLS misconfiguration, lacking a valid HTTPS certificate and modern protocol support, which severely impacts security posture. Privacy compliance is well addressed with GDPR cookie consent and a comprehensive privacy policy. However, no explicit security policy or incident response information is publicly available, which could be improved to enhance trust. Overall, the site is professional and credible but requires urgent security upgrades to protect visitors and maintain reputation.

X

XOLUTO

xoluto.at

0

XOLUTO is a small technology consulting firm based in Austria, specializing in digital strategy, sales and service process optimization, and AI strategy enablement. The website presents a professional and consistent brand image focused on delivering sustainable digital solutions to businesses. Technically, the site is built on a modern Angular framework and hosted on a provider associated with the domain's nameservers. However, the website lacks a valid SSL certificate and does not serve content over HTTPS, which significantly impacts its security posture. Security headers are minimal, and no advanced security practices are observed. Privacy compliance is poor, with no privacy or cookie policies detected, and no GDPR compliance indicators. Contact information is limited to phone icons and a contact page link, with no explicit emails or phone numbers visible. Overall, the site demonstrates moderate business credibility but requires urgent improvements in security and privacy to enhance trust and compliance.

I

ICON Wirtschaftstreuhand GmbH

icon.at

0

ICON Wirtschaftstreuhand GmbH is a medium-sized Austrian professional services firm specializing in tax consulting, auditing, and international tax expertise. The company holds a strong market position, being ranked first in sustainability and machinery & plant engineering consulting by INDUSTRIEMAGAZIN in 2025. Their business model focuses on delivering comprehensive tax and audit services through nine specialized service lines supported by a global network and membership in WTS Global. The website reflects a professional and consistent brand image targeting businesses and private clients with international tax needs. Technically, the site is built on TYPO3 CMS, served via Apache and Amazon CloudFront CDN, and uses modern web technologies including Font Awesome and Google Tag Manager. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security shortcoming despite the presence of strong security headers and a content security policy. Privacy and cookie policies are present and GDPR compliant, with consent mechanisms implemented. Contact information is comprehensive and clearly presented. Overall, the site is well-designed and content-rich but requires urgent security improvements to enable HTTPS and strengthen its security posture.

M

Mavie Work GmbH

consentiv.com

0

Mavie Work GmbH operates as a healthcare-focused B2B service provider specializing in comprehensive corporate health programs, including mental health support, physical wellness, and coaching services primarily targeting Austrian and German companies. The company has a mature market presence with over 15 years of domain registration and 20 years of operational experience, supported by multiple regional locations and digital platforms. Technically, the website leverages modern frameworks such as Next.js and Contentful CMS hosted on Google infrastructure, indicating a contemporary digital maturity. However, the absence of a valid SSL certificate and HTTPS implementation represents a critical security vulnerability that undermines user trust and data protection. Privacy compliance is partially addressed with a privacy policy present but lacks visible cookie consent mechanisms. Overall, the website demonstrates good business credibility and content quality but requires urgent security improvements to meet industry standards and regulatory requirements.

S

Semantic Web Company

semantic-web.com

0

Semantic Web Company is a technology provider specializing in semantic AI solutions, including text mining, recommender systems, and data fabric platforms. Headquartered in Austria with subsidiaries in the US and UK, the company offers the PoolParty Semantic Suite as its flagship product. The website is professionally designed using WordPress with modern plugins and SEO optimizations, targeting businesses seeking advanced AI-driven knowledge management solutions. However, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security concern. Security headers are partially implemented, but TLS protocols are not enabled, exposing the site to potential risks. Privacy and cookie policies are present and GDPR compliant, with a functional consent mechanism. Contact is primarily via a web form, with no direct emails or phone numbers publicly listed. The domain registration data aligns well with the business claims, indicating legitimacy. Overall, the site demonstrates good business credibility and technical maturity but requires urgent security improvements.

S

System Industrie Electronic GmbH

sie.at

0

System Industrie Electronic GmbH (S.I.E) is a market-leading specialist in the development and manufacturing of embedded and cyber-physical systems. The company offers a comprehensive portfolio of services including ideation, engineering, production, and quality lifecycle management, targeting industrial clients requiring customized embedded solutions. The website reflects a mature digital presence with professional design, clear navigation, and multilingual support. Technically, the site is built on WordPress with modern plugins and integrations such as Google Analytics, Google Tag Manager, and OneSignal push notifications. However, the security posture is weakened by the absence of a valid SSL certificate and disabled TLS protocols, which poses a significant risk to data confidentiality and user trust. Privacy compliance is well addressed with comprehensive cookie consent mechanisms and GDPR-aligned privacy policies. Overall, the business demonstrates strong credibility and market positioning, but urgent improvements in SSL/TLS configuration are necessary to enhance security and trust.

T

TECHNOMA Technology Consulting & Marketing GmbH

technoma.at

0

TECHNOMA Technology Consulting & Marketing GmbH is an Austrian consulting company specializing in environmentally friendly mobility solutions, particularly in rail and electromobility sectors. Established in 1995, it serves an international clientele with services including e-bus consulting, management systems, procurement, authorizations management, research projects, and system engineering. The company maintains a professional online presence with a well-structured website showcasing its services and client partnerships. Technically, the website is built on WordPress with common plugins and libraries, but lacks HTTPS, which is a critical security shortfall. The absence of SSL/TLS encryption exposes users to potential data interception risks. Privacy compliance is partially addressed with a cookie consent banner and a privacy policy page, though the latter is in German and may limit accessibility for international users. Overall, the website demonstrates good business credibility but requires urgent security enhancements to protect user data and improve trust.

Ö

Österreichische Staatsdruckerei

staatsdruckerei.at

0

The Österreichische Staatsdruckerei (Austrian State Printing House) is a well-established government-related entity specializing in secure identity document production and digital identity solutions. With over 200 years of experience, it holds a strong market position internationally, offering tailored ID products and digital government services. The website reflects a mature digital presence with professional design, comprehensive content, and strong branding consistency. Technically, the site is built on WordPress with modern SEO and analytics tools, but suffers from a critical SSL/TLS misconfiguration that undermines its security posture. Privacy compliance is robust, featuring detailed policies and a consent mechanism. Overall, the business credibility is high, supported by multiple certifications and active social media engagement.

K

kronehit

kronehit.at

0

kronehit.at is an Austrian online radio platform delivering streaming media content primarily to German-speaking audiences. The website focuses on radio and video streaming services supported by advertising, leveraging technologies such as Cloudflare CDN, Usercentrics for cookie consent, Firebase Cloud Messaging for push notifications, and Google Analytics for tracking. The site is positioned as a recognized media outlet in Austria with a medium-sized operational scale. Technically, the site uses modern JavaScript libraries and streaming players but suffers from slow performance and basic mobile optimization. Security posture is weak due to the absence of a valid SSL certificate and incomplete TLS configuration, despite the presence of multiple security headers. Privacy compliance is partial, with cookie consent implemented but no visible privacy policy or terms of service. Overall, the site demonstrates moderate business credibility but requires significant improvements in security and privacy transparency to enhance trust and compliance.

L

Life and Career Design Consulting GmbH

lifeandcareer.eu

0

Life and Career Design Consulting GmbH is a small Austrian consulting firm specializing in career development and interim management services. Their website, built on Squarespace, offers bilingual content in German and English, targeting professionals seeking coaching, training, and assessment services. The company maintains a professional online presence with clear contact information and active social media channels. Technically, the website uses standard Squarespace infrastructure and Typekit fonts but suffers from slow load times and lacks a valid SSL certificate, which is a critical security concern. The absence of privacy and terms of service policies indicates gaps in compliance. Security posture is weak due to missing HTTPS and security headers, exposing the site to potential risks. Overall, the business appears legitimate and consistent with its domain registration data, but improvements in security and privacy compliance are necessary to enhance trust and user safety.

Diakoniewerk is a well-established non-profit organization operating in the social and healthcare sectors across multiple Austrian regions and internationally. With a workforce of approximately 4,000 employees, it provides a broad range of services including senior care, disability support, education, integration, and community development. The website reflects a mature digital presence with comprehensive content, active recruitment, and engagement through social media and newsletters. Technically, the site is built on the Ibexa Open Source CMS and integrates modern marketing and analytics tools, though performance data is unavailable. Security posture is weak due to the absence of HTTPS, which poses a critical risk. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site demonstrates strong business credibility but requires urgent security improvements.

M

marketmind GmbH

marketmind.at

0

marketmind GmbH is a well-established marketing consulting agency founded in 1996 and based in Vienna, Austria. It operates primarily in the DACH region, serving clients across sectors such as energy, transport, banking, telecommunications, government, non-profit, retail, hospitality, and media. The company offers data-driven marketing research, consulting, and data science services with a strong focus on UX research, branding, segmenting, and customer experience. The website reflects a mature digital presence with detailed team profiles, client testimonials, and comprehensive service descriptions, positioning marketmind as a leading player in its market segment. Technically, the website is hosted on Microsoft IIS with ASP.NET technology and uses Cloudflare for DNS and nameservers. The site employs modern web technologies such as JSON-LD structured data, WebP images, and custom fonts. However, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical security shortfall. Performance metrics are not available, but the site is mobile-optimized and accessible with good SEO practices. From a security perspective, the absence of HTTPS and TLS protocols severely impacts the security posture. While some security headers like X-Content-Type-Options are present, the lack of HSTS, OCSP stapling, and session resumption mechanisms indicates room for significant improvement. Privacy compliance is well addressed with a clear privacy policy, cookie consent mechanism, and GDPR compliance indicators. The site uses marketing and analytics tools such as Google Analytics and LinkedIn Insight Tag with transparent disclosures. Overall, marketmind GmbH presents a professional and trustworthy business with excellent content quality and business credibility. The main risk lies in the missing HTTPS configuration, which should be addressed urgently to protect user data and improve trust. Strategic recommendations include implementing SSL/TLS, enhancing security headers, and maintaining ongoing compliance with privacy regulations.

F

Fuhrparkverband Austria

fuhrparkverband.at

0

Fuhrparkverband Austria (FVA) is a specialized Austrian platform dedicated to fleet management information and networking. It serves as an independent voice and competence partner for fleet operators, companies, and policymakers in Austria. The organization offers membership-based services including events, seminars, newsletters, and surveys to foster knowledge exchange and professionalization in corporate mobility management. The website reflects a medium-sized organization with a clear focus on the transportation sector and a strong presence in Austria. Technically, the site is built on WordPress with modern plugins and SEO tools, but lacks HTTPS, which is a critical security gap. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. The site integrates Google Analytics and Mailchimp for marketing and analytics purposes. Social media presence is robust across major platforms. Overall, the site is professional and content-rich but requires urgent security improvements to enable HTTPS and modern TLS protocols.

N

Next Research GmbH

nextresearch.org

0

Next Research GmbH is a specialized contract research organization (CRO) based in Austria, focusing on clinical research, scientific consulting, and market analytics primarily in the healthcare sector, especially interventional radiology. The company leverages a decade of experience and strong ties to the CIRSE medical society to deliver tailored research services. Their website presents a professional image with comprehensive service descriptions, a detailed team section, and clear contact options including direct scheduling links. Technically, the site is built on WordPress with modern plugins for cookie consent and analytics, but suffers from a critical lack of a valid SSL certificate, impacting security and trust. Privacy policies are thorough and GDPR compliant, with user-friendly cookie consent mechanisms and opt-out options for analytics tracking. Overall, the business appears credible and well-positioned in its niche, but the absence of HTTPS is a significant security gap.

S

Ski Lodge Jaktman

skilodgejaktman.com

0

Ski Lodge Jaktman is a small hospitality business located in Bad Gastein, Austria, specializing in ski holiday accommodation and related tourism services. The website positions itself strongly in the local market, boasting the number one ranking on Tripadvisor for eight consecutive years, which indicates a solid reputation and customer satisfaction. The business offers rooms, apartments, ski equipment rental discounts, and packages for skiing and other alpine activities, targeting winter sports enthusiasts and tourists visiting the Gastein Valley. Technically, the website is hosted on IONOS SE infrastructure using the IONOS MyWebsite CMS platform. The site uses Apache server technology and includes JavaScript libraries such as jQuery and lightbox plugins for image galleries. However, the website lacks a valid SSL/TLS certificate and does not serve content over HTTPS, which is a critical security and trust issue. Performance is slow, and mobile optimization and accessibility are basic. SEO is also basic with some meta tags but no advanced structured data or JSON-LD. From a security perspective, the site has minimal security headers and no active HTTPS, which severely limits its security posture. The Content Security Policy is set to report-only mode, and the X-XSS-Protection header is disabled. No incident response or vulnerability disclosure policies are published. The domain is mature and registered consistently with the business location, but the lack of HTTPS and privacy policies are significant compliance and security gaps. Overall, the website is functional and provides good business information and user experience but requires urgent improvements in security, privacy compliance, and technical modernization to enhance trust and protect user data.

P

PACEup Management-Consulting GmbH

paceup.at

0

PACEup Management-Consulting GmbH is an Austrian owner-managed consulting boutique specializing in Controlling & Finance, Organization & Processes, and strategic decision-making. The company serves a diverse clientele including industrial, trade, infrastructure, energy, logistics, and public sector organizations. Their key services include tailored consulting solutions and interim management, positioning them as a niche player in the Austrian consulting market. The website is professionally designed with clear navigation and relevant content targeting German-speaking business clients. Technically, the site runs on WordPress with common libraries like jQuery and Slick Carousel, but suffers from a critical lack of a valid SSL certificate, resulting in no proper HTTPS support. This significantly impacts the security posture and trustworthiness of the site. Security headers are minimal, and no incident response or security policies are published. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Overall, the site demonstrates moderate business credibility but requires urgent security improvements to protect user data and enhance trust.

H

Herz Jesu Krankenhaus GmbH

kh-herzjesu.at

0

Herz Jesu Krankenhaus GmbH is a medium-sized, non-profit orthopaedic specialist hospital located in Vienna, Austria, operating under the parent company Vinzenz Kliniken Wien. The hospital offers specialized healthcare services in orthopaedics, rheumatology, osteology, remobilisation, and operates the largest pulmonological sleep laboratory in Vienna. The website targets patients, visitors, medical professionals, and job seekers, providing comprehensive information about services, events, and career opportunities. The hospital emphasizes professional, personal, and compassionate care with external quality certifications such as the 'Audit Beruf und Familie'. Technically, the website is built on TYPO3 CMS with Bootstrap and jQuery frameworks, delivering a responsive and well-structured user experience. However, the site suffers from slow loading times and lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security deficiency. The cookie consent mechanism and privacy policy are well implemented, reflecting good privacy compliance. Social media integration and external partnerships are clearly presented, enhancing the hospital's digital presence. From a security perspective, the absence of HTTPS and modern TLS protocols severely impacts the security posture, exposing users to potential risks. No advanced security headers or incident response information are found, indicating room for improvement in security maturity. The WHOIS data confirms the domain's legitimacy and consistency with the hospital's business claims. Overall, the website is professional and content-rich but requires urgent security enhancements, particularly SSL/TLS implementation, to protect user data and improve trust. Performance optimization and additional security best practices are recommended to elevate the site's technical and security standards.

GMS GOURMET GmbH is a leading Austrian company specializing in community catering, private label food production, and gastronomy services with over 45 years of experience. The company serves a broad audience including kindergartens, schools, workplaces, senior homes, and event catering, positioning itself as the market leader in Austria's community gastronomy sector. Their business model focuses on delivering high-quality, healthy, and sustainable food solutions tailored to diverse customer needs. The website reflects a mature digital presence built on TYPO3 CMS, integrating modern marketing and consent management tools such as Google Tag Manager and Cookiebot. However, a critical security gap exists due to the absence of HTTPS, exposing users to potential risks. Privacy compliance is well addressed with clear policies and consent mechanisms. The company demonstrates strong trust signals through multiple certifications, sustainability initiatives, and family-friendly employer awards.

E

EUCUSA Consulting GmbH

eucusa.com

0

EUCUSA Consulting GmbH is a specialized provider of strategic feedback systems and consulting services focused on enhancing employee engagement, customer satisfaction, and leadership development. The company operates primarily in Austria and offers a suite of products including employee surveys, customer surveys, 360° feedback, and tools like the Future Readiness Check® and Trust Check. Their business model integrates consulting expertise with proprietary software solutions to deliver tailored feedback and actionable insights for organizations. Technically, the website is built on WordPress 6.8.1 with a modern tech stack including jQuery, FontAwesome, and GDPR compliance plugins. The site is mobile-optimized and SEO-friendly, with structured data enhancing search visibility. Hosting is managed via Cloudpit DNS services. However, the website lacks a valid SSL certificate and does not support HTTPS, which is a critical security deficiency. From a security perspective, while the site uses GDPR cookie consent mechanisms and has no known vulnerabilities in libraries, the absence of HTTPS and modern TLS protocols severely undermines its security posture. No explicit security policies or incident response contacts are provided, and no vulnerability disclosure or security.txt files are found. This gap poses risks to user data confidentiality and trust. Overall, the website presents a professional and credible business front with good content quality and privacy compliance. The critical recommendation is to urgently implement a valid SSL certificate and enable HTTPS to protect user data and improve trustworthiness. Additional security enhancements and transparency around security policies would further strengthen the company's risk management and compliance stance.

T

TAC | The Assistant Company

tac.eu.com

0

TAC | The Assistant Company is a medium-sized technology provider specializing in all-in-one business software solutions tailored for the hospitality and wellness sectors, including spas, fitness clubs, and thermal baths. Their product suite includes Reservation Assistant, Club Assistant, and Entry Assistant software, complemented by automated wristband issuance and online webshop capabilities. The company has a solid market position supported by long-term client relationships and partnerships with notable industry players. Their website reflects a professional and consistent brand image with good content quality and user experience, targeting businesses seeking integrated software solutions to streamline operations. Technically, the website is built on a modern WordPress CMS platform using PHP 8.1, nginx, and popular plugins such as WPBakery Page Builder and Slider Revolution. The site employs lazy loading for images and integrates marketing and analytics tools like Google Analytics and Sendinblue. Hosting is managed by internex.at, and the site demonstrates good SEO and mobile optimization practices. However, performance is moderate, and accessibility features are basic. From a security perspective, the site implements several important HTTP security headers and a cookie consent mechanism compliant with GDPR. Unfortunately, the SSL/TLS configuration is critically lacking, with no valid SSL certificate installed, no TLS protocols enabled, and malformed CAA DNS records. This significantly reduces the security posture and exposes the site to risks associated with unencrypted traffic. No explicit security policies or incident response information are found. Overall, TAC presents a trustworthy and professional business with strong privacy compliance and marketing transparency. The primary risk lies in the absence of HTTPS, which should be urgently addressed to protect user data and maintain trust. Strategic recommendations include immediate SSL certificate installation, enabling modern TLS protocols, and improving SSL configuration to enhance security and user confidence.

OeKB Gruppe is a central financial service provider based in Austria, supporting the Austrian economy with a broad range of services including export financing, capital market services, energy market services, development financing, and tourism services. The website presents a professional and comprehensive overview of their offerings, targeting Austrian businesses, investors, and financial institutions. The company holds a strong market position as a key financial institution in Austria. Technically, the website uses a custom CMS with JavaScript and Bootstrap frameworks, but suffers from slow load times and lacks modern security configurations such as a valid SSL certificate and TLS protocols. Mobile optimization and SEO are good, but accessibility is basic. The website lacks cookie consent mechanisms and some security best practices. Security posture is weak due to the absence of HTTPS, no security headers, and missing email authentication records like DMARC. DNSSEC is disabled and CAA records are malformed. These issues pose significant risks to user data confidentiality and trust. Overall, the website is content-rich and professionally designed but requires urgent security improvements to protect users and comply with modern standards. Strategic recommendations include implementing HTTPS, enabling security headers, and adding privacy and cookie consent mechanisms.

D

Doppelpack Werbeagentur OG

doppelpack.com

0

Doppelpack Werbeagentur OG is a small, established fullservice marketing agency based in Salzburg, Austria, with a subsidiary office in Vienna. The company specializes in digital marketing, web design, SEO, SEA, social media marketing, and graphic design, targeting businesses seeking to enhance their brand visibility and digital presence. The website reflects a professional and consistent brand image with good content quality and SEO optimization. Technically, the site runs on WordPress with modern plugins and scripts but lacks a valid SSL certificate, exposing it to significant security risks. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the business appears legitimate and trustworthy, but the lack of HTTPS is a critical vulnerability that must be addressed immediately.

A

Austria Wirtschaftsservice Gesellschaft mbH

awsg.at

0

Austria Wirtschaftsservice Gesellschaft mbH (aws) is the official Austrian federal promotional bank dedicated to fostering innovation and economic growth within Austria. The website serves as a comprehensive portal for Austrian entrepreneurs and companies seeking funding, subsidies, and advisory services. It offers a broad range of programs targeting startups, SMEs, and established companies, with a strong emphasis on energy, sustainability, and internationalization. The site is well-branded, professionally designed, and provides clear navigation and rich content in German, targeting primarily Austrian businesses and innovators. Technically, the website is built on TYPO3 CMS and uses Apache as the web server. It integrates Matomo analytics for privacy-compliant user tracking and employs modern web technologies including CSP and various security headers. However, the SSL/TLS configuration is currently invalid or missing, which is a critical security concern. Performance metrics are not available, but the site appears mobile-optimized and accessible. From a security perspective, while several security headers are implemented, the lack of a valid SSL certificate and disabled TLS protocols significantly reduce the security posture. No explicit security or incident response policies are found on the site. Privacy compliance is strong, with a clear cookie consent mechanism and a comprehensive privacy policy in place, aligned with GDPR requirements. Overall, the site is a credible and professional government service platform with excellent content and user experience but requires urgent remediation of its SSL/TLS configuration to ensure secure communications and improve trustworthiness.

A

Achtzehn Grad GmbH

digitalwerk.agency

0

Achtzehn Grad GmbH is a full-service creative agency based in Vienna, Austria, specializing in branding, digital marketing, and communication services. The company positions itself as a premium agency focused on uncovering hidden potential in brands and delivering innovative marketing solutions. Their target audience includes businesses in German-speaking countries seeking comprehensive marketing and creative services. The website reflects a high level of professionalism with excellent design, clear navigation, and rich content, including case studies and a blog. Technically, the site leverages modern JavaScript libraries such as GSAP and Swiper, is hosted on Webflow with Cloudflare CDN, and integrates bot protection on forms. However, a critical security issue is the absence of a valid SSL certificate, resulting in no HTTPS support and no modern TLS protocols, which significantly impacts the security posture. Privacy compliance is good with a comprehensive privacy policy and terms of service, but no explicit cookie consent mechanism was detected. Overall, the site is trustworthy and professionally managed but requires urgent SSL/TLS remediation to ensure secure user interactions.

T

TachoEASY GmbH

tachoeasy.com

0

TachoEASY GmbH is a medium-sized Austrian company specializing in telematics and tachograph data archiving software solutions for the transportation and logistics sector. With nearly two decades of market presence, it offers products such as tacholog² and BlueLOGICO® targeting fleet operators and transport companies. The website is built on Joomla CMS with modern UIkit framework and integrates various third-party services including Calendly and friendly-challenge captcha for user interaction. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, representing a critical security vulnerability. Security headers are partially implemented but key protections like HSTS and DNSSEC are missing. The company provides comprehensive privacy and cookie policies with a consent mechanism, reflecting good GDPR compliance. Contact information is clearly presented with multiple channels including phone, email, and contact forms. Overall, the website is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

F

finderly GmbH & Co KG (Medieninhaber)

shpock.com

0

Shpock is a well-established online marketplace specializing in local second-hand classifieds across the United Kingdom, operated by finderly GmbH & Co KG based in Austria. The platform offers a wide range of categories including electronics, fashion, baby products, home & garden, and motors, supported by a strong mobile app presence with over 50 million downloads. The business model focuses on zero fees for sellers, monetizing through promoted listings and memberships, positioning Shpock as a leading player in the UK second-hand market. Technically, the website leverages modern web technologies such as React and Next.js, hosted behind Cloudflare, and integrates with payment and marketing services like Adyen, SendGrid, and Zendesk. However, the security posture is weakened by the absence of a valid SSL certificate and lack of modern TLS support, which poses risks to user data confidentiality and trust. Privacy and legal compliance are well addressed with comprehensive policies and GDPR adherence. Overall, Shpock presents a professional and trustworthy e-commerce platform with room for critical security improvements to enhance user trust and compliance.

T

T-Mobile Austria GmbH

upc.at

0

The website for upc.at, branded as Magenta Austria, represents a major telecommunications provider offering a wide range of services including mobile tariffs, internet packages, TV offerings, and bundled solutions for both consumers and business customers. The site is professionally designed with rich content, clear navigation, and consistent branding that aligns with the corporate identity of T-Mobile Austria GmbH. Structured data and social media presence further reinforce the company's legitimacy and market position in Austria. Technically, the site is built on Adobe Experience Manager CMS and utilizes modern marketing and analytics tools such as Google Tag Manager and Usercentrics for consent management. However, the website currently suffers from a critical security issue: the SSL/TLS certificate is invalid or missing, and no secure HTTPS protocols are enabled. This significantly impacts the security posture and user trust, despite the presence of security headers and content security policies. Privacy compliance is well addressed with clear privacy and cookie policies and an active consent mechanism. Contact information is available primarily via phone numbers and contact forms, though no direct company email addresses are exposed. The WHOIS data confirms the domain's legitimacy and consistency with the business identity. Overall, while the website excels in content quality, user experience, and privacy compliance, the lack of valid HTTPS and proper SSL configuration is a critical vulnerability that must be addressed immediately to ensure secure communications and maintain customer trust.

I

Italoffice Büromöbel

italoffice.at

0

Italoffice is a small Austrian retail business specializing in high-quality office furniture, including ergonomic chairs, height-adjustable desks, conference furniture, and acoustic solutions. The company targets businesses and individuals in Vienna and Lower Austria, offering personalized consultation, delivery, and assembly services. The website is professionally designed using WordPress, WooCommerce, and Elementor, providing a comprehensive product catalog and clear contact options. However, the absence of a valid SSL certificate and HTTPS significantly impacts the security posture, exposing users to potential risks. Privacy and cookie policies are present and GDPR compliant, indicating good privacy awareness. Overall, the business appears legitimate and well-positioned in its niche, but security improvements are critical to protect customer data and enhance trust.

R

RAITEC GmbH

grz.at

0

RAITEC GmbH is a prominent IT service provider specializing in delivering high-tech infrastructure and operational services to the financial sector in Austria. The company supports a large-scale environment with over 50 million daily online transactions, 35,000 client workstations, and extensive data storage capabilities. Their market position is strong as one of Austria's leading IT system houses focused on finance. Technically, the website is built on Adobe Experience Manager with modern JavaScript frameworks and tracking tools, providing a professional and accessible user experience. However, the critical lack of a valid SSL certificate and HTTPS support significantly undermines the security posture. Privacy compliance is well addressed with comprehensive policies and consent mechanisms. Overall, the business credibility and content quality are high, but urgent security improvements are needed to protect user data and trust.

W

Welser Profile GmbH

welser.com

0

Welser Profile GmbH is a well-established family-owned manufacturing company specializing in steel and stainless steel profiles, serving various industrial sectors including mobility, energy, and construction. The website presents a professional and content-rich platform with multilingual support and detailed service offerings. Technically, the site uses Apache server technology, HubSpot CMS, and integrates Google Maps and various marketing and analytics tools. However, the absence of a valid SSL certificate and HTTPS support is a critical security weakness, exposing users to potential risks. Security headers are partially implemented but need enhancement. Privacy compliance is well addressed with cookie consent mechanisms and a comprehensive privacy policy. Overall, the site demonstrates good business credibility but requires urgent security improvements.

F

FLOTAINMENT

flotainment.com

0

FLOTAINMENT is a medium-sized Austrian media company established in 1998, specializing in audio production, PR management, design, studio services, and label operations. The company targets clients in the creative and entertainment sectors, offering a diversified portfolio through multiple subdomains representing its key services. The website is built on WordPress with Elementor and integrates Jetpack for analytics and security features. However, the site lacks HTTPS, which is a critical security shortfall. While cookie consent and privacy policies are well implemented and GDPR compliant, the absence of SSL/TLS encryption exposes visitors to potential risks. Contact information is clearly provided, enhancing business credibility. Overall, the digital infrastructure is functional but requires urgent security upgrades to meet modern standards.

Wieland Austria Ges.m.b.H. is a well-established manufacturing company specializing in copper tubes and semi-finished and finished copper alloy products. Founded in 1904 and part of the global Wieland Group since 1999, it holds a strong market position in Europe with modern production sites in Amstetten and Enzesfeld, Austria. The company targets industrial and energy sectors, providing engineered products and services with a focus on quality and sustainability. The website reflects a professional digital presence with comprehensive content, certifications, and contact options. Technically, the site uses modern CMS and caching technologies but lacks a valid SSL certificate, which is a critical security concern. Privacy compliance is well addressed with a consent management platform and clear policies. However, the absence of incident response and vulnerability disclosure information indicates room for improvement in security transparency. Overall, the website is credible and professional but requires urgent SSL/TLS remediation to ensure secure communications and trust.

A

abss interactive GmbH

abss.at

0

abss interactive GmbH is a well-established Austrian digital agency specializing in custom web development, digital transformation consulting, and tailored software solutions. With nearly 25 years of experience, the company serves a diverse client base ranging from small businesses to large international corporations. Their key services include digitalization, website and e-commerce development, search portals, custom tools, and consulting expertise, with a strong emphasis on accessibility and blockchain technology integration. Technically, the website employs a modern technology stack including Apache server, jQuery, Bootstrap grid, and various JavaScript libraries for enhanced user experience. However, the hosting environment lacks a valid SSL/TLS certificate and does not support modern TLS protocols, which is a significant security concern. The site is mobile-optimized and demonstrates good SEO and accessibility practices, but performance metrics are unavailable. From a security perspective, while several security headers are implemented, the absence of HTTPS and proper SSL configuration severely undermines the site's security posture. No incident response or vulnerability disclosure policies are evident. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Business credibility is strong, supported by certifications, client references, and transparent contact information. Overall, the site is professionally designed and content-rich, but critical security improvements are necessary to protect user data and enhance trust. Strategic recommendations include obtaining a valid SSL certificate, enabling HTTPS, implementing cookie consent, and establishing formal security policies.

7iD Technologies GmbH is an Austrian company specializing in IoT software and solutions focused on optimizing intralogistics and industrial production processes. Their offerings include track & trace technology, asset management, and predictive maintenance solutions leveraging various IoT technologies such as RFID, BLE, NB-IoT, and UWB. The company positions itself as a leading provider in the manufacturing sector, targeting businesses seeking digital transformation and efficiency improvements. Technically, the website is built on WordPress with common plugins and hosted behind Cloudflare, but lacks a valid SSL certificate, which is a significant security concern. Privacy compliance is well addressed with comprehensive policies and cookie consent mechanisms. The security posture is weak due to missing HTTPS and modern TLS protocols, exposing users to potential risks. Overall, the website is professional and trustworthy but requires urgent security improvements to protect data and enhance user trust.

M

mohemian services GmbH

mohemian.com

0

mohemian services GmbH is a small Austrian technology consultancy specializing in translating business needs into technology solutions. Their offerings include business strategy, entrepreneurial thinking, experience design, corporate governance, and technical architecture and development. The company targets tech startups, corporate ventures, and clients seeking innovative digital product development. Their market position is that of a niche, visionary technology partner with a focus on professional execution and agile processes. Technically, the website is built on GravCMS, hosted on Hetzner infrastructure, and uses nginx as the web server. The site includes modern SVG graphics and several Grav plugins for markdown notices, forms, and login functionality. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security shortfall. Performance metrics are missing, but the site appears to have good mobile optimization and basic accessibility features. From a security perspective, the site implements several security headers such as HSTS, X-Frame-Options, and X-XSS-Protection, but the absence of HTTPS and TLS protocols severely undermines security posture. No incident response or security policy information is provided, and no vulnerability disclosure or security.txt file is found. Email security could be improved by adding a DMARC record. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the website is professional and trustworthy in terms of business presentation but requires urgent improvements in security infrastructure, especially enabling HTTPS with a valid certificate. Adding cookie consent and incident response information would enhance compliance and trust. The domain registration data aligns well with the business claims, supporting legitimacy. Strategic recommendations include securing the website with HTTPS, implementing cookie consent, publishing security policies, and improving email security.

H

HTL Zeltweg

htl-zeltweg.at

0

HTL Zeltweg is a medium-sized Austrian educational institution specializing in technical and vocational education, particularly in mechanical engineering and construction technology. The website reflects an active institution with a focus on practical training, robotics, and international cooperation. The technical infrastructure is based on WordPress with a modern plugin ecosystem, but suffers from critical security shortcomings such as the absence of HTTPS and a valid SSL certificate. The lack of cookie consent and privacy compliance mechanisms further reduces trustworthiness. While the site provides clear contact information and social media presence, the security posture is weak, exposing the institution to risks related to data interception and user trust. Strategic improvements in SSL deployment, security headers, and privacy compliance are essential to enhance the institution's digital maturity and protect its stakeholders.

A

AMES - Aerospace and Mechanical Engineering Services

ames.aero

0

AMES - Aerospace and Mechanical Engineering Services is a mature Austrian company specializing in aerospace engineering, certification, production, maintenance, CAMO, consulting, and training services. With a domain age of 17 years and multiple aerospace certifications, AMES positions itself as a reliable service provider in the aerospace transportation sector. The website reflects a professional business model targeting aerospace industry professionals and companies requiring specialized engineering and certification services. The company maintains a consistent brand presence with clear contact information and social media engagement. Technically, the website employs a variety of established JavaScript libraries and frameworks such as jQuery, Bootstrap, and Owl Carousel, indicating a moderate level of digital maturity. However, the site lacks HTTPS encryption and modern security configurations, which significantly impacts its security posture. Performance is rated slow due to missing SSL and potential optimization gaps, though mobile responsiveness and navigation clarity are good. Security evaluation reveals critical vulnerabilities including the absence of SSL/TLS, no HSTS, no DNSSEC, and missing security headers. These gaps expose the site to potential interception and downgrade attacks. The domain's imminent expiry in 11 days adds operational risk. Privacy compliance is minimal, with basic privacy and terms documents available but no cookie consent or incident response contacts. Overall, AMES demonstrates solid business credibility and content quality but requires urgent security improvements to protect its digital assets and customer trust. Strategic recommendations include immediate SSL implementation, enhanced domain protection, and adoption of security best practices to elevate the security score and compliance posture.

R

ReinZeit Handels GmbH

reinzeit.com

0

ReinZeit Handels GmbH is an Austrian retail company specializing in eco-friendly cleaning and wellness products, including microfiber cloths, cleaners, laundry detergents, and wellness aroma products. The company emphasizes social responsibility, environmental protection, and Austrian quality standards, targeting consumers interested in sustainable and socially responsible products. Their business model includes direct sales through consultants and an online shop, supported by active social media channels and marketing efforts. Technically, the website is built on WordPress with WooCommerce, using popular plugins such as Yoast SEO and Borlabs Cookie for SEO and privacy compliance. The site is hosted on an Austrian IP and uses Apache server technology. However, performance metrics are not available, and the site is moderately optimized for mobile devices. From a security perspective, the site lacks a valid SSL certificate and proper HTTPS configuration, which is a critical vulnerability. Although some security headers like HSTS and X-Frame-Options are present, the absence of TLS protocols and strong cipher suites significantly weakens the security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site is professionally designed and trustworthy from a business perspective but requires urgent improvements in SSL/TLS security to protect user data and enhance trust. Strategic recommendations include obtaining a valid SSL certificate, enabling modern TLS protocols, and enhancing security best practices.

The website sfwien.at represents a small personal or business presence for an individual named Sven Fuchs, primarily providing contact information such as phone numbers and an email address. The site content is minimal and lacks detailed business descriptions or service offerings, indicating a limited digital footprint and business scope. Technically, the website is hosted on an Apache server with DNS managed by world4you.at, but it lacks modern web technologies and uses outdated Microsoft Word generated HTML, resulting in poor performance and accessibility. Critically, the site does not implement HTTPS, exposing visitors to security risks and undermining trust. No privacy, cookie, or terms of service policies are present, indicating non-compliance with GDPR and other privacy regulations. The domain registration data is consistent and legitimate, with no privacy protection or suspicious patterns detected. Overall, the website's security posture is weak, with no security headers, no TLS support, and no incident response or vulnerability disclosure mechanisms. Strategic improvements are necessary to enhance security, privacy compliance, and technical quality.

P

Porsche Inter Auto

porschewiennord.at

0

Porsche Inter Auto is a prominent automotive dealership network in Austria, representing multiple Volkswagen Group brands including VW, Audi, Porsche, ŠKODA, SEAT, and CUPRA. The company offers a comprehensive range of services including new and used car sales, vehicle servicing, financing, and accessories. Their market position is strong within the Austrian automotive retail sector, supported by a large network of dealer locations and a high volume of customer reviews indicating strong customer satisfaction. Technically, the website is built on the Plone CMS platform using Python and Zope, with Cloudflare providing hosting and CDN services. The site integrates modern web technologies such as Google Tag Manager, OneTrust for cookie consent, Leaflet and Google Maps for location services, and Swiper for interactive content. The site is well-structured, mobile-optimized, and includes rich content and structured data for SEO. From a security perspective, the site currently lacks a valid SSL certificate and does not support HTTPS, which is a critical vulnerability. Other security headers like HSTS are missing, and no advanced SSL/TLS features are enabled. However, the site does implement some security headers such as X-Frame-Options and uses Cloudflare for some level of protection. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place. Overall, the site is professionally designed and content-rich but requires urgent security improvements to enable HTTPS and strengthen SSL/TLS configurations. Addressing these issues will significantly enhance user trust and compliance with modern security standards.

S

SIGNA

signa.at

0

SIGNA is a well-established international holding company founded in 2000, operating primarily in the real estate and retail sectors. The website presents a bilingual (German and English) overview of the business, highlighting its core subsidiaries and business areas. The company targets investors and industry stakeholders with a professional and consistent brand presence. Technically, the website is built on WordPress with modern plugins and tools such as Google Analytics and Complianz for GDPR compliance. However, a critical security weakness is the absence of a valid SSL certificate, resulting in no HTTPS protection, which significantly impacts the site's security posture. Privacy compliance is well addressed with clear cookie consent mechanisms and a privacy policy. No direct contact information or security policies are publicly available, which could limit user trust and incident response readiness. Overall, the site is functional and professional but requires urgent security improvements.

I

In The Headroom

intheheadroom.com

0

In The Headroom is a small Austrian design studio specializing in brand culture advisory and design solutions. The company targets businesses seeking to establish or refine their brand culture through creative design production and implementation. Their website is professionally designed using WordPress with SEO optimization and a cookie consent mechanism to comply with GDPR. However, the site lacks HTTPS support, which is a critical security gap. The technical infrastructure includes common web technologies and plugins but shows moderate performance. Security posture is weak due to missing SSL certificates and security headers, exposing visitors to potential risks. Contact information is clearly provided, enhancing business credibility. Strategic improvements in security and SSL implementation are recommended to elevate trust and compliance.

P

Pixelcoma

pixelcoma.at

0

Pixelcoma is a small photography business based in Vienna, Austria, specializing in food photography, artist portraits, business portraits, workshops, and studio rentals. The website is built on WordPress with WooCommerce for e-commerce functionality and integrates common marketing and analytics tools such as Google Analytics and Mailchimp. The business targets local clients in the media and creative sectors, offering diversified services including an online shop and newsletter subscriptions. Technically, the website uses standard WordPress plugins and themes but lacks a valid SSL certificate, which significantly impacts its security posture. The absence of HTTPS exposes users to potential data interception risks, and no advanced security headers or mechanisms are implemented. Privacy compliance is partially addressed with a privacy policy and terms of service, but no cookie consent mechanism is present despite the use of tracking scripts. Overall, the website presents a professional design and good user experience but requires urgent security improvements to protect user data and enhance trust.

P

Palfinger AG

palfinger.ag

0

Palfinger AG is a well-established international manufacturer specializing in innovative hydraulic lifting solutions, including cranes, access platforms, and marine equipment. The company holds a strong market position with a large workforce and extensive global manufacturing and sales presence. The website reflects a mature digital infrastructure using Pimcore CMS and Bootstrap framework, with good mobile optimization and accessibility. However, the absence of a valid SSL/TLS certificate and HTTPS implementation represents a critical security vulnerability that undermines user trust and data protection. Privacy and cookie policies are comprehensive and GDPR compliant, supported by OneTrust consent management. The company demonstrates transparency through investor relations, social media engagement, and a vulnerability disclosure policy. Overall, Palfinger AG's website is professional and content-rich but requires urgent security improvements to align with best practices.

The Kammerorchester Arpeggione Hohenems is a small, non-profit cultural organization dedicated to classical and contemporary chamber music performances, primarily serving a regional Austrian audience. The website provides detailed event information, organizational background, and sponsorship acknowledgments, reflecting a well-established local cultural entity with a 35-year history. Technically, the site is built on the Jimdo CMS platform, hosted on Austrian infrastructure, and uses standard web technologies including JavaScript and CSS. However, the site lacks a valid SSL certificate and proper HTTPS configuration, which significantly impacts its security posture. While cookie consent mechanisms and privacy policies are present and GDPR compliant, the absence of visible contact emails, phone numbers, and security policies limits transparency and trust. Overall, the website is functional and informative but requires critical security improvements to enhance user trust and data protection.

K

KERN engineering careers GmbH

kern-partner.at

0

KERN engineering careers GmbH operates a professional recruiting website specialized in technology and IT sectors, primarily targeting job seekers and companies in Austria and German-speaking countries. The website offers job search, talent recruitment, and career consulting services, positioning itself as a trusted partner for technical and IT professionals. The site is built on TYPO3 CMS and hosted on a server using nginx, with DNS managed by DomainControl. Despite a professional design and comprehensive content, the website lacks a valid SSL certificate and does not serve content over HTTPS, which significantly impacts its security posture. Basic security headers like Content-Security-Policy and Strict-Transport-Security are present but insufficient without proper TLS support. Privacy compliance is addressed with a cookie consent mechanism and a detailed privacy policy in German. Contact is primarily via a web form, with no direct emails or phone numbers published. Social media presence on Facebook, LinkedIn, Xing, and Kununu supports business credibility.

K

Kontron Technologies GmbH

secureguard.eu

0

Kontron Technologies GmbH is a medium-sized Austrian technology company specializing in Industrial IoT, digitalization, and smart energy solutions. With over 20 years of experience, they provide tailored software development, workforce management, and expert services to optimize business processes. The website is professionally designed, content-rich, and targets B2B clients seeking innovative technology solutions. Technically, the site runs on Drupal 10 with Apache but lacks a valid SSL certificate, exposing it to security risks. Cookie consent and privacy policies are well implemented, ensuring GDPR compliance. However, the absence of HTTPS and modern TLS protocols significantly weakens the security posture. Overall, the domain registration data aligns well with the business claims, indicating legitimacy. Strategic improvements in SSL deployment and security headers are recommended to enhance trust and protect user data.