Security Directory

E

ERSTE Immobilien Kapitalanlagegesellschaft m.b.H.

ersteimmobilien.at

0

ERSTE Immobilien KAG operates as a specialized real estate investment fund manager focusing on Austrian and German residential and commercial properties with a strong emphasis on sustainability and ethical investment principles. The website reflects a mature digital presence with modern JavaScript frameworks and CDN usage, providing a good user experience and clear business information. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the security posture, exposing users to potential risks. Legal and compliance documentation is comprehensive and accessible, supporting regulatory adherence. Overall, the business demonstrates credibility and professionalism but must urgently address critical security gaps to protect user data and maintain trust.

M

MP Corporate Finance GmbH

mpcf.net

0

MP Corporate Finance GmbH is a market-leading industrial M&A advisory firm based in Vienna, Austria. They specialize in maximizing shareholder value through dedicated sector teams and have a strong track record of over 700 projects worldwide. Their services cover buy-side, sell-side, capital raise, carve-out, and private equity lifecycle management, targeting corporates, family businesses, and financial sponsors in industrial sectors. The website is professionally designed, multilingual, and optimized for SEO and accessibility, reflecting a mature digital presence. However, the lack of a valid SSL certificate and HTTPS configuration significantly undermines their security posture, exposing users to risks. Security headers are well configured, but the absence of modern TLS protocols and strong cipher suites is a critical vulnerability. Privacy compliance is well addressed with clear cookie consent and a comprehensive privacy policy. Overall, the business credibility is high, but urgent improvements in SSL/TLS security are recommended to protect client data and maintain trust.

P

Paul Lange Austria

thalinger-lange.com

0

Paul Lange Austria operates as a specialized wholesaler and supplier for the Austrian bicycle and fishing retail markets, providing a wide range of accessories and components from well-known brands such as Shimano. The company supports its dealer network with training, catalogs, and online portals, positioning itself as a key regional player with a professional digital presence. The website is built on WordPress with Elementor and incorporates modern SEO and UI tools, reflecting a moderate level of digital maturity. However, the absence of a valid SSL certificate and HTTPS significantly undermines the site's security posture, exposing users to risks and potentially impacting trust. While cookie consent mechanisms and privacy policies are in place, the lack of advanced security headers and modern TLS protocols indicates room for improvement in security practices. Overall, the business appears legitimate and well-established, but urgent remediation of SSL/TLS issues is recommended to enhance security and compliance.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

G

Gradonna ****s Mountain Resort

gradonna.at

0

Gradonna Mountain Resort is a premium 4-star superior hospitality business located in Austria, offering luxury hotel and chalet accommodations with wellness, spa, and ski-in ski-out amenities. The website is professionally designed with comprehensive content targeting tourists seeking mountain resort experiences. Technically, the site uses TYPO3 CMS with modern JavaScript libraries and integrates Cookiebot and Google Tag Manager for privacy and analytics. However, the absence of a valid SSL certificate and HTTPS support is a critical security vulnerability that significantly impacts the site's security posture. The domain registration is consistent with the business claims and is owned by the Schultz Gruppe, a parent company. Overall, the site demonstrates strong business credibility and content quality but requires urgent security improvements to protect user data and trust.

L

LKB

lkb.eu

0

LKB is a small healthcare-focused company based in Austria, specializing in the supply and distribution of life science and routine medical diagnostics products. The company holds ISO 9001 certification and emphasizes customer and technical support, targeting laboratories and medical diagnostics professionals. The website presents a professional design with clear navigation and relevant content, supporting the company's market position as a trusted supplier in the region. Technically, the website uses modern frontend technologies such as Bootstrap 5 and jQuery, hosted on SuperHosting.bg, but lacks HTTPS support and advanced security configurations, which significantly impacts its security posture. The absence of SSL/TLS encryption and security headers exposes the site to risks and undermines user trust. Privacy compliance is minimal, with a privacy policy present but no cookie policy or consent mechanisms. Contact information is comprehensive and clearly displayed, enhancing business credibility. Overall, while the business and website demonstrate professionalism and market relevance, critical security improvements are necessary to protect users and data.

U

UNiQUARE Software Development GmbH

uniquare.com

0

UNiQUARE Software Development GmbH is an Austrian company specializing in software solutions for customer-centric banking, with 36 years of experience. The company offers digitized, integrated end-to-end banking processes and provides a complete service package including software development, integration, implementation, and maintenance. Their market position is strong within the banking sector, serving over 1,500 financial institutions and 200,000 users across three continents. The website reflects a professional and comprehensive digital presence with clear business information and customer testimonials. Technically, the site is built on WordPress with Elementor and related plugins, optimized for SEO and mobile use, but suffers from slow performance and basic accessibility.

The website entec-biogas.at is currently inaccessible due to a Cloudflare security challenge page that blocks content unless JavaScript and cookies are enabled. This prevents access to any meaningful business or security content. The domain is registered and DNS records are consistent with an Austrian entity, but the lack of a valid SSL certificate and HTTPS support is a significant security concern. No privacy, cookie, or terms of service policies are detectable, nor is any contact information or business metadata available. The site appears to be protected by Cloudflare's WAF, which is currently blocking direct content access, limiting the ability to perform a full analysis. Security headers are present but basic, and no vulnerabilities are detected in the limited data available.

M

MH|Direkt

mhdirekt.com

0

MH|Direkt is a mature and established e-commerce fulfillment service provider based in Austria with over 28 years of experience. The company operates multiple fulfillment centers across Austria, Germany, and the UK, offering comprehensive services including warehousing, packaging, cross-border shipping, personalization, and API integration. Their business model focuses on supporting online shops to efficiently manage logistics and shipping across Europe, including direct market entry into Switzerland. The website reflects a professional and well-branded digital presence with extensive content and customer testimonials, positioning MH|Direkt as a reliable partner in the e-commerce logistics sector. Technically, the website is built on WordPress using popular plugins and frameworks such as Elementor, Gravity Forms, and WP Rocket. It integrates multiple marketing and analytics tools including Google Analytics, Google Ads, Facebook Pixel, and LinkedIn Insight Tag, indicating a mature digital marketing strategy. The site is mobile-optimized and SEO-friendly, though performance is moderate and accessibility features are basic. From a security perspective, the website lacks a valid SSL certificate, which is a critical issue impacting user trust and data security. Other security best practices such as HSTS, DNSSEC, and domain protection locks are not implemented, reducing the overall security posture. No explicit security or incident response policies are published on the site. Privacy and cookie policies are present and appear GDPR compliant, with consent mechanisms in place. Overall, MH|Direkt presents a credible and professional business with strong market positioning in e-commerce fulfillment. However, the lack of HTTPS and some security best practices pose risks that should be addressed promptly to enhance trust and compliance. Strategic recommendations include immediate SSL certificate installation, enabling HSTS and DNSSEC, and publishing security policies to improve transparency and security culture.

A

AMAG Austria Metall AG

amag.at

0

AMAG Austria Metall AG is a well-established Austrian manufacturer specializing in environmentally friendly and future-oriented aluminium products and solutions. The company serves various industries including automotive, aerospace, industrial goods, and consumer goods, positioning itself as a leader in the aluminium manufacturing sector. Their website provides comprehensive information about their products, corporate values, investor relations, media, and career opportunities, targeting business customers and industry partners. The digital infrastructure is based on TYPO3 CMS with integration of modern frontend frameworks and analytics tools such as Matomo and Cookiebot for privacy compliance. However, the absence of a valid SSL certificate and HTTPS implementation significantly weakens the security posture. While security headers like Content Security Policy and X-Content-Type-Options are present, critical improvements are needed to secure data transmission and enhance trust. Overall, the website is professional and content-rich but requires urgent security upgrades to meet modern standards.

hoog.at is a small, community-driven alternative social network and blog platform primarily focused on social activism, photography, and personal projects by Wolf Hoog and collaborators. The website targets a German-speaking audience interested in social causes and alternative culture. It leverages WordPress with BuddyPress and ActivityPub plugins to provide social networking features and content sharing. The site has a moderate market position within its niche and maintains a consistent, good-quality content offering with active social media channels. Technically, the site runs on Apache and is hosted by easyname.eu, but suffers from a lack of valid SSL/TLS certificates, resulting in insecure HTTP connections. Performance data is missing, and mobile optimization is basic. Security posture is weak due to missing HTTPS, lack of strong security headers, and no modern TLS protocols enabled. Privacy compliance is minimal, with a privacy policy present but no cookie consent mechanism or GDPR compliance indicators. Business credibility is moderate, supported by consistent domain registration and social media presence but limited direct contact information. Overall, the site is functional but requires significant security and privacy improvements to enhance user trust and compliance.

O

Ovotherm International Handels GmbH

ovotherm.com

0

Ovotherm International Handels GmbH is a medium-sized Austrian manufacturing company established in 1969, specializing in eco-friendly clear egg packaging made from recycled PET waste. The company positions itself as the global market leader in the egg packaging industry, targeting businesses within the egg supply chain. Their website reflects a professional and consistent brand image, offering detailed product information, environmental benefits, and company insights. Technically, the site uses the ProcessWire CMS with modern frontend libraries such as GSAP and Tailwind CSS, providing a good user experience and mobile optimization. However, the website critically lacks a valid SSL/TLS certificate, resulting in no HTTPS support and weak security posture. Privacy and cookie policies are present and GDPR compliant, and contact information is clearly provided, enhancing business credibility. Social media presence on Facebook, Instagram, and LinkedIn supports trust and engagement.

The Doppelmayr Group website for the Automated People Mover system presents a business focused on transportation solutions, specifically cable liner automated people movers designed to manage high visitor flows efficiently. The company appears to be a large, established entity in the transportation sector based in Austria, with a consistent brand presence and clear business focus. The website content is basic but includes well-structured SEO metadata and social sharing tags, indicating some digital marketing maturity. Technically, the site uses modern frameworks such as Nuxt.js and WordPress CMS, hosted behind Cloudflare CDN. However, the absence of a valid SSL certificate and lack of HTTPS severely undermine the security posture. Performance metrics are unavailable, but the presence of many prefetch and preload scripts suggests an attempt at optimization, though the lack of HTTPS is a critical flaw. Mobile optimization and accessibility are basic, with room for improvement. Security analysis reveals significant vulnerabilities: no SSL/TLS encryption, no HSTS, no DMARC, DNSSEC, or CAA records, and no security.txt or vulnerability disclosure policies. Tracking and advertising scripts are present without accompanying privacy or cookie policies, indicating poor privacy compliance. No contact or incident response information is provided, limiting transparency and trust. Overall, the website's risk profile is elevated due to missing HTTPS and privacy compliance gaps. Strategic improvements in security infrastructure, privacy policies, and contact transparency are recommended to enhance trust and compliance.

Wolford operates an international e-commerce retail website specializing in fashion products, targeting multiple countries with localized language versions. The site is built on Salesforce Commerce Cloud (Demandware) and uses modern web technologies including Google Fonts, Google reCAPTCHA, and Usercentrics for cookie consent management. Cloudflare is used as a hosting and CDN provider. However, the website lacks a valid SSL/TLS certificate, resulting in no proper HTTPS support, which is a critical security concern. The site implements some security headers but misses important configurations such as HSTS and OCSP stapling. Privacy compliance is partial, with a cookie consent mechanism present but no visible privacy policy or terms of service pages. Contact information and security policies are not found in the analyzed content, reducing transparency and trust. Overall, the website demonstrates a basic level of technical and business maturity but requires significant improvements in security and privacy compliance to meet modern standards.

S

SPIDI Friedl & Partner Unternehmensberatungs GmbH

spidi.at

0

SPIDI Friedl & Partner Unternehmensberatungs GmbH operates a professional language and intercultural learning institute based in Vienna, Austria. The company offers a broad portfolio of language courses, including group and individual training, online courses, and certification test centers such as ÖSD and Linguaskill. The business targets both private individuals and corporate clients, positioning itself as a quality provider in adult education with recognized certifications. The website reflects a mature digital presence built on WordPress with modern SEO and consent management tools, supporting GDPR compliance. However, the absence of a valid SSL certificate undermines the security posture and user trust. The company maintains clear contact channels and social media engagement, enhancing business credibility.

D

DSC Doralt Seist Csoklich Rechtsanwälte GmbH

dsc.at

0

DSC Doralt Seist Csoklich Rechtsanwälte GmbH is a well-established Austrian law firm with over 30 years of experience, offering comprehensive legal consulting services across a broad spectrum of legal fields. The firm positions itself as a top 20 law firm in Austria, emphasizing efficiency and holistic solutions for its clients. The website reflects a professional and consistent brand image, targeting clients seeking expert legal advice primarily in Austria. The business model is focused on providing high-quality legal services with a client-centric approach. Technically, the website is built on a PHP backend with nginx server infrastructure and uses several JavaScript libraries including jQuery, Slick Carousel, Flexslider, and AOS for animations. The site employs Matomo for analytics, indicating a preference for privacy-conscious tracking. However, the website lacks a valid SSL certificate, resulting in no HTTPS support, which is a significant security shortfall. Performance metrics are not available, but the presence of multiple large images and older JavaScript libraries suggests moderate to slow loading times. From a security perspective, the absence of HTTPS and security headers such as Content-Security-Policy and HSTS reduces the overall security posture. No critical vulnerabilities or exposed sensitive data were detected, but the lack of modern security best practices is notable. Privacy compliance is well addressed with clear privacy and cookie policies, cookie consent mechanisms, and GDPR compliance indicators. Contact information is complete and clearly presented, enhancing trustworthiness. Overall, the website is professional and credible but requires urgent improvements in SSL/TLS configuration and security headers to enhance user trust and data protection. Strategic recommendations include implementing a valid SSL certificate, enabling HSTS, adding security headers, and continuing to maintain privacy compliance and transparent contact information.

S

Salinen Austria Aktiengesellschaft

salinen.com

0

Salinen Austria Aktiengesellschaft is a leading Austrian salt manufacturer specializing in high purity salt products including pharmaceutical salt, cooking salt, industrial salt, and agricultural fertilizers. The company serves both private consumers and business clients, offering a broad product portfolio and an online webshop. Their market position is strong within Austria and the surrounding region, supported by multiple country-specific sister sites. Technically, the website is built on TYPO3 CMS with modern frontend features such as lazy loading images and Google Analytics integration. However, the absence of a valid SSL certificate and HTTPS severely impacts the security posture. Security headers are partially implemented but without encryption, the site is vulnerable to interception. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Contact information is clearly presented, enhancing business credibility. Overall, the site is professional and content-rich but requires urgent security improvements to protect user data and maintain trust.

A

Amadeus International School Vienna

amadeus-vienna.com

0

Amadeus International School Vienna is a well-established private international school offering IB education and boarding services with a unique integrated Music and Arts Academy. The school targets international students and families seeking high-quality education in Vienna. The website is professionally designed with rich content and multimedia, reflecting a mature digital presence. Technically, the site is built on WordPress with modern plugins and frameworks, but suffers from a critical lack of HTTPS due to an invalid SSL certificate, which significantly impacts its security posture. Privacy and cookie policies are implemented with consent mechanisms, supporting GDPR compliance. Contact information is clearly presented, enhancing business credibility. Overall, the site is trustworthy and professional but requires urgent security improvements to protect user data and enhance trust.

D

DIE KÄSEMACHER GmbH

kaesemacher.at

0

Die Käsemacher GmbH is a small Austrian specialty food manufacturer focused on producing high-quality cheese and antipasti products using traditional methods and sustainable milk production. The company operates a well-structured website with a comprehensive product catalog and an online shop subdomain, targeting both end consumers and B2B partners. Technically, the website is built on the concrete5 CMS platform and uses modern JavaScript libraries to enhance user experience and mobile responsiveness. However, the absence of HTTPS is a critical security flaw that significantly impacts the site's security posture. While cookie consent mechanisms and privacy policy references exist, formal security policies and incident response contacts are not found. Overall, the site demonstrates good business credibility and content quality but requires urgent security improvements to protect user data and build trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

N

NovaTaste Austria GmbH

wiberg.eu

0

WIBERG, operated by NovaTaste Austria GmbH, is a well-established international spice and culinary product supplier targeting professional chefs, gastronomy, and catering sectors. The company offers a comprehensive range of high-quality products, supported by a professional and content-rich website that includes detailed product information, recipes, and sustainability commitments. Technically, the website is built on modern frameworks such as Next.js and React, hosted likely on Microsoft Azure, and demonstrates good design and user experience. However, a critical security issue is the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the site's security posture. While several security headers are implemented, the lack of HTTPS undermines these protections. Privacy compliance is good with a comprehensive privacy policy, but no explicit cookie consent mechanism was detected. Overall, the website is credible and professional but requires urgent security improvements to protect user data and enhance trust.

D

dmcgroup

dmcgroup.eu

0

dmcgroup is a design and digital agency specializing in strategic consulting, branding, UX/UI design, and web and software development. Positioned as a top-ten brand agency in Austria with notable industry rankings, it serves a diverse clientele including national and international companies. The website reflects a professional and consistent brand image with comprehensive service offerings and strong trust indicators such as reputable client logos and industry recognition. Technically, the site is built on WordPress with modern frontend libraries and caching mechanisms, but lacks a valid SSL certificate, which is a critical security gap. Security headers are partially implemented, and privacy policies are present and GDPR compliant, though cookie consent mechanisms are not evident. Overall, the security posture is basic and requires urgent improvements to protect user data and enhance trust. The website is accessible and well-structured, with good mobile optimization and SEO practices, but performance metrics are missing and inferred to be slow. Strategic recommendations include immediate SSL deployment, enabling modern TLS protocols, enhancing security headers, and implementing cookie consent mechanisms to improve compliance and user trust.

Accenture Austria operates as a leading management consulting, technology services, and outsourcing company, serving clients primarily in Germany and Austria. The website reflects a mature digital presence with comprehensive content, strong branding, and extensive service offerings across multiple sectors including technology, energy, finance, and manufacturing. The technical infrastructure leverages Adobe Experience Manager CMS and a suite of Adobe marketing and analytics tools, hosted on Amazon CloudFront CDN, ensuring a robust platform for content delivery and user engagement. However, the site suffers from a critical security shortfall due to an invalid SSL certificate and lack of modern TLS protocol support, which undermines user trust and data security. Security headers are implemented but the Content-Security-Policy is weak, allowing unsafe script execution. Privacy compliance is well addressed with clear privacy and cookie policies managed via OneTrust. Overall, the site is professional and credible but requires urgent remediation of SSL and CSP issues to enhance security posture.

Schullin Wien is a well-established luxury jewelry and watch retailer based in Vienna, Austria, with a rich family tradition dating back to 1802 and formal business founding in 1974. The company specializes in fine jewelry design and manufacturing, luxury watch sales including Rolex, and certified pre-owned Rolex watches. Their market position is strong within the luxury retail sector, targeting affluent customers seeking unique and high-quality pieces. The website reflects a mature digital presence with multilingual support, rich content, and integration of modern web technologies such as WordPress, WooCommerce, Alpine.js, and Swiper.js. Marketing and analytics tools like Google Analytics, Facebook Pixel, and Adobe Analytics are actively used with GDPR-compliant cookie consent mechanisms in place. However, the security posture is significantly weakened by the absence of a valid SSL/TLS certificate, resulting in no HTTPS support, which is a critical vulnerability that undermines user trust and data protection. The site employs standard security headers but lacks advanced protections such as HSTS and OCSP stapling. Overall, the business credibility and content quality are high, but urgent remediation of SSL/TLS issues is necessary to ensure secure user interactions and compliance with best practices.

I

illwerke vkw AG

illwerkevkw.at

0

illwerke vkw AG is a well-established energy company based in Austria, specializing in renewable energy production including hydropower, wind, and photovoltaic sources, as well as energy trading and supply. The company has a strong regional presence in Vorarlberg and operates several subsidiaries in related sectors such as energy networks and tourism. The website reflects a professional and consistent brand image with comprehensive business information and active social media engagement. Technically, the site uses modern JavaScript libraries and frameworks, including Bootstrap and jQuery, and integrates Google Tag Manager and Usercentrics for analytics and consent management. However, the lack of a valid SSL certificate and HTTPS support is a significant security shortfall, impacting the overall security posture and user trust. Privacy policies and cookie consent mechanisms are well implemented, indicating good compliance with GDPR requirements. Overall, the website is informative and user-friendly but requires urgent improvements in SSL/TLS configuration to enhance security and trust.

T

traffic3 GmbH

traffic3.net

0

traffic3 GmbH is a specialized online marketing agency based in Vienna, Austria, focusing on performance marketing services such as Google Ads, SEO, web analytics, video and social ads, programmatic advertising, and conversion optimization. The company holds reputable certifications including Google Ads Premier Partner and Google Analytics Certified Service Partner, positioning it as a trusted player in the digital marketing sector. The website content is rich, professionally designed, and targets businesses seeking expert online marketing solutions primarily in Austria. Technically, the website employs modern JavaScript and consent management tools but lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security shortfall. Performance is slow, with a page load time exceeding 14 seconds, which may affect user experience. Privacy compliance is well addressed with comprehensive policies and a consent mechanism in place. Contact information is clearly presented, enhancing business credibility. Overall, the site demonstrates strong business legitimacy but requires urgent security improvements.

A

A&N GesbR

shelfie.at

0

The website shelfie.at is currently a coming soon placeholder page for the company A&N GesbR, represented by Philipp Asanger and Manuel Nobis, located in Linz, Austria. The site provides minimal business information, primarily a logo and contact address, with no detailed description of services or products. The business appears to be small and in early stages of web presence development. Technically, the site is built on WordPress using the SeedProd coming soon plugin, with Tailwind CSS and FontAwesome for styling, and jQuery for scripting. It is hosted behind Cloudflare with valid SSL, but the SSL certificate dates appear inconsistent, possibly due to data error. The site performance is slow with a high load time, and lacks modern security headers and HSTS enforcement. Mobile optimization and accessibility are basic. From a security perspective, HTTPS is enabled with a valid certificate, but no additional security headers or policies are implemented. There are no forms or data collection points, reducing attack surface but also limiting user engagement. No privacy, cookie, or terms of service policies are present, indicating low privacy compliance. DNSSEC and CAA are not enabled, and no vulnerability disclosure or incident response information is provided. Overall, the site is low risk but also low maturity in security and privacy posture. Strategic recommendations include implementing security headers and HSTS, adding privacy and cookie policies to comply with GDPR, improving site performance, and expanding business content to enhance credibility and user trust.

H

HOLZWURM Werkzeuge

holzwurm-werkzeuge.de

0

HOLZWURM Werkzeuge is a small Austrian e-commerce business specializing in selling creative tools for hobbyists and crafters, primarily via online marketplaces such as Amazon and Etsy, as well as their own WooCommerce-based shop. Founded in 2017, the company emphasizes quality and customer satisfaction, targeting a broad audience of creative individuals. The website is built on WordPress with WooCommerce and uses modern web technologies and marketing tools including Cookiebot for consent management and Facebook Pixel for tracking. However, the site lacks a valid SSL certificate, exposing visitors to security risks and undermining trust. Privacy policies and terms of service are present and GDPR compliance is partially addressed through cookie consent mechanisms. Contact information is complete and transparent, supporting business credibility.

A

AXIS Flight Training Systems GmbH

axis-simulation.com

0

AXIS Flight Training Systems GmbH is a medium-sized Austrian company specializing in the design and manufacture of advanced flight simulation solutions, including full flight simulators and training devices that comply with international aviation standards such as EASA, FAA, and ICAO. Founded in 2004, AXIS positions itself as an innovator in the flight simulation industry, emphasizing quality, efficiency, and responsiveness to customer needs. The company maintains ISO 9001-2015 certification and has committed to CO2 neutrality since 2021, reflecting corporate responsibility values. Technically, the website is built on WordPress with Elementor and integrates various plugins for event management, galleries, and cookie consent. The site uses Google Analytics and Google Ads for analytics and marketing, with a compliant cookie consent mechanism in place. However, the website lacks a valid SSL certificate and HTTPS support, which is a critical security vulnerability. The DNS configuration shows some malformed CAA records, and no modern TLS protocols are enabled, exposing the site to potential security risks. Security posture is weak due to the absence of HTTPS and related security headers, although no active vulnerabilities or malware were detected. Privacy compliance is strong, with clear privacy and cookie policies and user consent mechanisms. Business credibility is high, supported by detailed company information, social media presence, and trust indicators such as certifications and CO2 neutrality. Overall, the website is professional and content-rich but requires urgent security improvements, particularly SSL/TLS implementation, to protect user data and enhance trustworthiness.

4ward Energy Research GmbH is a specialized research institution focused on energy technologies and energy economics. The company offers a broad range of services including technology development, business model creation, concept and study preparation, simulations, and knowledge transfer. Their expertise spans project leadership and coordination, particularly within national and EU research funding frameworks. The website targets research projects, companies, and municipalities involved in the energy sector, positioning itself as a reliable partner with extensive experience and a strong network. Technically, the website is built on TYPO3 CMS with modern frontend libraries such as Bootstrap and jQuery, ensuring good mobile responsiveness and user experience. However, the site lacks HTTPS support, which is a critical security shortfall. Security headers are minimal but some best practices like X-Content-Type-Options are implemented. Privacy compliance is addressed with a cookie consent mechanism and a comprehensive privacy policy in German. Contact information is clearly presented with official company email, phone, and physical address. Overall, the website is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

D

Die Grünen

gruene.at

0

Die Grünen Austria is a well-established political party focused on environmental protection, social justice, and green policies. The website serves as a comprehensive platform for information dissemination, event promotion, and member engagement, targeting Austrian citizens interested in green politics. The site is professionally designed with excellent content quality, clear navigation, and strong branding consistency. Technically, it is built on WordPress with modern frameworks and uses Cloudflare for hosting and CDN services. However, the absence of a valid SSL certificate and HTTPS significantly weakens its security posture. Privacy compliance is well addressed through GDPR-compliant consent management and detailed privacy policies. Overall, the site is trustworthy and credible but requires urgent security improvements.

The website amiraair.at is currently a parked domain landing page with no active business content or services. It primarily serves as a domain for sale advertisement, targeting potential domain buyers or investors. The site lacks any company branding, contact information, or business descriptions, indicating it is not currently used for commercial operations. Technically, the site is hosted on Hetzner Online with nginx and Caddy components, and uses several advertising and tracking scripts from parkingcrew.net and Google Adsense Domains CAF. However, the site lacks HTTPS support and has no valid SSL certificate, exposing it to security risks and reducing user trust. Security headers and best practices are minimal or absent, and no privacy or cookie consent mechanisms are implemented beyond a basic privacy policy link. Overall, the site’s security posture is weak, and its technical and content quality is poor, reflecting its status as a parked domain rather than an active business website.

S

SK Rapid

skrapid.at

0

SK Rapid's official website serves as a digital hub for the Austrian football club, providing fans with access to news, podcasts, merchandise, ticket sales, and video content. The site demonstrates a solid market position as a leading sports organization in Austria with a well-established brand and multiple sponsorship partnerships. Technically, the website is hosted on nginx servers with a modern JavaScript-based frontend and integrates third-party services such as Google Tag Manager and OneTrust for cookie consent management. However, the absence of HTTPS and a valid SSL certificate significantly undermines the site's security posture, exposing users to potential risks. The site lacks explicit privacy and terms of service policies, which impacts compliance with GDPR and other privacy regulations. Overall, while the business presence and content quality are good, critical security and privacy gaps require urgent attention to protect users and enhance trust.

C

CATRO Personalberatung und Media GmbH

catro.com

0

CATRO Personalberatung und Media GmbH is an Austrian company specializing in personnel consulting and media services, offering a range of services including personnel search, applicant management, suitability diagnostics, and online learning platforms. The company targets businesses seeking professional support in human resources and media-related services. The website is built on WordPress with a modern tech stack including Apache server, LiteSpeed cache, and various JavaScript libraries. While the site is well-designed, mobile-optimized, and SEO-friendly, it lacks a valid SSL certificate, which is a critical security vulnerability. The company demonstrates good privacy compliance with a comprehensive privacy policy and cookie consent mechanism. However, there is no explicit security policy or incident response information available on the site. Overall, the website is professional and trustworthy but requires urgent improvements in its security posture to protect user data and enhance trust.

K

KOHLBACH

kohlbach.at

0

KOHLBACH is a company specializing in biomass energy solutions, targeting businesses and organizations interested in sustainable energy production. The website presents a basic digital presence with minimal content and limited business information. The technical infrastructure uses modern JavaScript frameworks such as React and integrates third-party services like CookiePro for cookie consent and Google Tag Manager for analytics. However, the website lacks HTTPS, which is a critical security deficiency, and does not provide privacy policies or contact information, limiting trust and compliance. Security posture is weak due to missing SSL, lack of security headers beyond Content-Security-Policy, and absence of domain security features like DMARC and DNSSEC. Overall, the site is functional but requires significant improvements in security and compliance to meet industry standards.

The website falstaff.at is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) block, presenting a security challenge page instead of actual business content. This prevents a full assessment of the company's online presence, business model, or services. The domain is registered and has DNS records consistent with operational email infrastructure, but no valid SSL certificate is installed, and HTTPS is not properly configured. The lack of visible content, contact information, or compliance policies indicates a very limited digital footprint at this time. Technically, the site relies on Cloudflare for security and hosting services but fails to implement essential security best practices such as valid SSL/TLS, HSTS, and OCSP stapling. Performance and accessibility cannot be evaluated due to the blocked content. The presence of Cloudflare Insights indicates minimal analytics tracking. From a security perspective, the absence of HTTPS and the presence of a WAF block significantly reduce the trustworthiness and usability of the site. No privacy, cookie, or terms of service policies are found, and no contact or incident response information is available. The domain registration data appears consistent and legitimate but lacks detailed WHOIS information to confirm domain age or registrant identity. Overall, the site scores very low on content quality, technical implementation, security posture, privacy compliance, and business credibility due to the blocking and missing information. Strategic recommendations include resolving SSL issues, publishing essential policies, providing clear contact information, and ensuring the site is accessible to legitimate users to improve trust and compliance.

wengermayer business consulting is a small Austrian consulting firm specializing in human-centric organizational development, communication culture, conflict management, and personnel development. Their services focus on supporting businesses where human interaction and development are central. The website is built on Contao CMS and hosted on an Apache server with Ubuntu, using various JavaScript libraries for UI enhancements. However, the site lacks HTTPS, which is a critical security vulnerability. Cookie consent is implemented via Cookiebot, indicating awareness of privacy compliance. Social media presence on XING, LinkedIn, Facebook, and Twitter supports business credibility. Overall, the technical infrastructure is basic with room for modernization and security improvements.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

D

Dr. Andreas Riedler Facharzt für HNO, Kopf- und Halschirurgie

der-hno-arzt.at

0

Dr. Andreas Riedler operates a specialized ENT medical practice based in Wels, Austria, providing comprehensive ear, nose, and throat healthcare services including examinations, therapies, and surgeries. The website targets local patients seeking trusted medical care and emphasizes personalized patient relationships and appointment scheduling. Technically, the website is built on a CMS platform (ZMS) with standard web technologies and integrates Matomo analytics for user behavior tracking with privacy opt-out features. However, the absence of a valid SSL certificate and lack of modern TLS protocols represent significant security weaknesses that undermine user trust and data protection. Privacy and cookie policies are present but basic, and no terms of service or incident response policies are published. Overall, the website is functional and professionally presented but requires urgent security improvements to meet modern standards.

R

Raiffeisen Informatik GmbH & Co KG

raiffeiseninformatik.at

0

Raiffeisen Informatik GmbH & Co KG is a well-established IT service provider specializing in comprehensive IT solutions for financial and insurance sectors, with over 50 years of experience and a strong presence in Austria and neighboring countries. The company offers a broad range of services including data center operations, security services, IT consulting, and banking and insurance solutions. Their business model focuses on close collaboration with clients from planning through operation, supported by a large workforce and significant annual revenue. Technically, the website is built on WordPress with Apache server infrastructure and uses Cloudflare for DNS, but critically lacks a valid SSL certificate, exposing it to security risks. Security headers are implemented, but without HTTPS the security posture is severely weakened. Privacy compliance is basic with no visible cookie consent or incident response information. Overall, the website is professional and content-rich, but the lack of HTTPS is a major security concern that must be addressed urgently.

S

SonnenMoor

sonnenmoor.at

0

SonnenMoor is an established Austrian family-owned business specializing in natural health products and remedies, operating since 1972. The company leverages a Shopify-based e-commerce platform to serve both retail consumers and business partners, with a strong focus on natural, herbal, and moor-based products. The website is professionally designed, content-rich, and provides comprehensive contact and support information, including personal consultation services. Technically, the site uses modern e-commerce technologies and integrates multiple marketing and analytics tools with GDPR-compliant consent mechanisms. However, a critical security issue is the lack of a valid SSL certificate and disabled TLS protocols, which significantly impacts the security posture and user trust. The domain registration data aligns well with the business claims, indicating legitimacy and consistency. Strategic improvements in SSL/TLS configuration are essential to enhance security and trust.

KWR Karasek Wietrzyk Rechtsanwälte GmbH is a leading Austrian law firm specializing in Wirtschaftsrecht (business law) with over 20 years of experience. The firm offers a broad range of legal services including construction law, intellectual property, dispute resolution, and more, targeting national and international corporate clients. The website is professionally designed, content-rich, and well-structured, reflecting the firm's strong market position and reputation supported by multiple industry recognitions such as Chambers and Legal 500. Technically, the site is built on TYPO3 CMS with modern frontend frameworks and includes user privacy mechanisms like cookie consent and optional Matomo analytics. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap, exposing users to risks and undermining trust. Security headers are partially implemented but require enhancement. Overall, the site demonstrates good privacy compliance and business credibility but must urgently address its SSL/TLS configuration to improve security posture and user trust.

B

bgm Partners

bgm-partners.com

0

bgm Partners is a small, privately owned corporate finance advisory firm headquartered in Vienna, Austria, with an additional presence in Luzern, Switzerland. The company specializes in mid-cap and large-cap advisory services focusing on Mergers & Acquisitions, Corporate Finance, and Project Finance. The website presents basic business information and service offerings targeting corporate clients seeking financial advisory services. The market position appears modest but globally oriented within the finance sector. Technically, the website is built on TYPO3 CMS and uses legacy JavaScript libraries such as jQuery 1.7.2. Google Analytics is implemented for visitor tracking, but the site lacks modern performance optimizations and mobile responsiveness is basic. The website does not use HTTPS, which is a critical security deficiency. The absence of a valid SSL certificate and modern TLS protocols exposes visitors to security risks and undermines trust. From a security perspective, the site lacks essential protections such as HTTPS, HSTS, and security headers. No incident response or security policies are publicly available, and no contact emails or phone numbers are provided for direct communication. Privacy compliance is minimal, with a basic privacy policy present but no cookie consent mechanism. The presence of an unrelated external gambling link in hidden text raises minor suspicion. Overall, the website's risk profile is elevated due to missing HTTPS and weak security posture. Strategic improvements should prioritize securing the site with a valid SSL certificate, implementing security headers, and enhancing privacy compliance. Business credibility would benefit from clearer contact information and updated technical infrastructure.

M

MPG GmbH

michael-pachleitner-group.com

0

MPG GmbH is an established Austrian eyewear company specializing in manufacturing and retail of optical frames and lenses, serving both B2B and B2C markets. The company operates multiple subsidiaries and maintains a professional online presence with multilingual support and structured data. Technically, the website is built on WordPress using Elementor and Yoast SEO, integrating marketing tools such as Google Tag Manager and Facebook Pixel. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security gap, exposing users to potential risks. Privacy compliance is partially addressed with a comprehensive privacy policy but lacks a cookie consent mechanism. Overall, the business demonstrates credibility and maturity, but security posture requires urgent improvement to align with best practices.

S

SRB Consulting Team GmbH

srb.at

0

SRB Consulting Team GmbH is a well-established IT service provider specializing in SAP consulting, implementation, and optimization services. With over 25 years of experience and a strong SAP Gold Partner certification, the company offers a broad range of SAP-related solutions including ERP, CRM, SCM, and SAP Business Technology Platform services. Their target audience includes businesses across various industries seeking digital transformation and SAP expertise. The website presents professional content, clear navigation, and consistent branding, supported by a solid social media presence. Technically, the website uses a variety of modern front-end libraries such as Bootstrap, jQuery, and Owl Carousel, but lacks a valid SSL certificate and HTTPS support, which is a critical security shortfall. Performance is slow with a high page load time and large page size, indicating potential optimization needs. Privacy compliance is well addressed with a GDPR-compliant cookie consent mechanism and a clear privacy policy. Security posture is weak due to the absence of HTTPS, missing security headers, and no visible incident response or security policies. This exposes the site and its users to risks and undermines trust. The WHOIS data confirms the domain's legitimacy and consistency with the business claims, reinforcing the company's credibility. Overall, while the business and content quality are good, the lack of HTTPS and security best practices significantly lowers the security score and overall rating. Immediate remediation of SSL/TLS issues and security hardening is recommended to improve trust and compliance.

L

Lidl Österreich

lidl.at

0

Lidl Österreich operates a comprehensive retail website offering a wide range of products including food, household items, garden supplies, fashion, and more. The site features extensive promotional content, including weekly offers and loyalty programs such as Lidl Plus. The company holds a strong market position in Austria as a leading discount supermarket chain, supported by a consistent and professional brand presence. Technically, the website employs modern technologies like Vue.js and is hosted on a robust infrastructure with Akamai DNS services. However, a critical security issue is the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the site's security posture. Despite this, the site implements several security headers and content security policies, indicating a focus on security best practices. Privacy compliance is well addressed with clear privacy and cookie policies, including consent mechanisms. Overall, the site is professional and trustworthy but must urgently address the SSL deficiency to ensure secure user interactions.

C

COLOP Stempelerzeugung Skopek Gesellschaft m.b.H. & Co. KG

colop.com

0

COLOP Stempelerzeugung Skopek Gesellschaft m.b.H. & Co. KG is a well-established Austrian manufacturer specializing in stamps and marking solutions with a global footprint. Founded in 1981, the company operates multiple subsidiaries worldwide and offers a broad range of products including traditional stamps, mobile printing devices, and creative arts and crafts stamps. Their business model combines manufacturing with e-commerce and partner distribution, targeting both professional and creative markets. The website reflects a professional and comprehensive digital presence with strong branding and content quality.

I

Istmobil

istmobil.at

0

Istmobil.at is an independent informational website focused on providing detailed reviews, guides, and affiliate referrals related to mobile casinos and online gambling targeted at Austrian players. The site offers comprehensive content on casino apps, bonuses, payment methods, and gaming options, positioning itself as a niche media player in the online gambling affiliate space. Technically, the site is hosted behind Cloudflare and uses standard web technologies including HTML5, CSS3, and JavaScript, with Google Fonts for typography. However, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical security deficiency. This significantly impacts the site's security posture and user trust. Privacy compliance is minimal, with no visible cookie consent mechanism and only basic privacy and terms of service pages linked in the footer. The site uses Matomo analytics and affiliate marketing links to partner casino domains. Overall, while content quality and business credibility are moderate to good, the lack of HTTPS and modern security practices present a major risk. Strategic improvements in security and privacy compliance are essential to enhance trust and protect users.

T

Therefore Corporation

therefore.net

0

Therefore Corporation operates a comprehensive information management platform targeting businesses across multiple industries. The company positions itself as a market leader in ECM and workflow automation, offering a wide range of software solutions designed to improve document management, workflow digitization, and data accessibility. Their website reflects a mature digital presence with professional design, rich content, and clear navigation. Technically, the site is built on WordPress with modern optimization plugins and uses Google Tag Manager for analytics. However, the absence of a valid SSL certificate is a significant security gap, undermining the otherwise strong security headers and policies. Privacy compliance is well addressed with GDPR-aligned policies and consent mechanisms. Overall, the business credibility is high, supported by certifications, partner relationships, and extensive case studies.

T

twinformatics GmbH

twinformatics.at

0

twinformatics GmbH is a medium-sized Austrian IT service provider specializing in software development and operation for major insurance companies such as Wiener Städtische Versicherung AG and Vienna Insurance Group. The company positions itself as a strong IT partner with end-to-end responsibility for innovative software solutions trusted by thousands of users. The website is professionally designed, primarily in German, targeting IT professionals and potential employees. Technically, the site runs on WordPress with modern PHP and uses several plugins for enhanced functionality. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap, despite the presence of HSTS headers. Privacy compliance is well addressed with cookie consent mechanisms and a comprehensive privacy policy. The security posture is basic and requires immediate improvements in SSL/TLS configuration and vulnerability disclosure practices. Overall, the website reflects a credible and professional business but needs technical security enhancements to align with best practices.