Security Directory

C

connex.cc IT-Consulting GmbH

connex.cc

0

connex.cc IT-Consulting GmbH is a well-established Austrian IT consulting firm specializing in the public sector, with over two decades of experience. The company operates as a subsidiary of xrxes.cc Holding GmbH and offers a range of services including IT consulting, business analysis, test management, project management, and project assistance. The website is professionally designed, content-rich, and targets public sector organizations in Austria. Technically, the site is built on WordPress using Elementor and Astra theme, with modern plugins enhancing user experience. However, a critical security weakness is the lack of a valid SSL certificate and proper HTTPS configuration, which significantly impacts the security posture. Privacy compliance is well addressed with a comprehensive privacy and cookie policy and a consent mechanism. Contact information is clearly provided, enhancing business credibility.

P

Pioneers Innovation GmbH

pioneers.io

0

Pioneers Innovation GmbH is an established innovation consulting and corporate venture building firm founded in 2013, serving a broad range of corporate clients across sectors such as energy, transportation, banking, and technology. The company offers comprehensive services including innovation strategy, setup, execution, venture building, and startup services, positioning itself as a trusted partner for innovation-powered transformation and growth. The website reflects a mature digital presence with professional design, clear navigation, and rich content including client testimonials and references to large organizations. Technically, the site is built on WordPress with modern marketing and analytics tools integrated, but suffers from critical security shortcomings including the absence of a valid SSL certificate and HTTPS support, which significantly impacts its security posture. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the business credibility is high, but the lack of HTTPS is a major risk that should be urgently addressed.

The PKE Group is a well-established Austrian technology company founded in 1979, specializing in security, communication, media, traffic, building, and logistics technology solutions. It operates internationally with a strong regional presence across Europe and the Middle East through multiple subsidiaries. The website reflects a professional and comprehensive digital presence, targeting businesses seeking innovative and reliable technology services. Technically, the site uses modern frameworks such as Pimcore CMS and Alpine.js, and employs Matomo for analytics, indicating a mature digital infrastructure. However, the absence of a valid SSL certificate and HTTPS support is a critical security weakness, exposing users to potential risks and undermining trust. Privacy compliance is partially met with a clear privacy policy but lacks a cookie consent mechanism. Overall, the site demonstrates strong business credibility but requires urgent security improvements to align with best practices.

C

Communi5

communi5.com

0

Communi5 is a medium-sized Austrian software manufacturer specializing in communications solutions for service providers, focusing on UCaaS and Cloud PBX offerings. The company demonstrates a mature market position with a future-oriented approach, integrating modern collaboration tools such as MS Teams. The website reflects a professional and consistent brand image with comprehensive content targeting service providers and business customers. Technically, the site is built on WordPress with Elementor and uses modern UI components like Smart Slider 3, but lacks a valid SSL certificate and modern TLS support, which significantly impacts its security posture. Privacy compliance is well addressed with clear cookie and privacy policies and consent mechanisms. However, the absence of explicit security policies and incident response information is noted. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

V

VARIOTHERM HEIZSYSTEME GMBH

variotherm.com

0

Variotherm Heizsysteme GmbH is an established Austrian company specializing in surface heating and cooling systems for floors, walls, and ceilings, leveraging over 30 years of expertise. Their product portfolio targets contractors, installers, architects, and end customers seeking efficient heating and cooling solutions. The company maintains a professional online presence with multilingual support and a comprehensive product and service offering. Technically, the website is built on TYPO3 CMS served by Apache, with integrated analytics via Matomo and Google Tag Manager. However, the absence of HTTPS and a valid SSL certificate significantly undermines the security posture. While cookie consent mechanisms and privacy policies are in place, the lack of advanced security headers and incident response information indicates room for improvement. Overall, the website is functional and professional but requires urgent security enhancements to protect user data and improve trust.

x-tention is a medium-sized Austrian IT company specializing in comprehensive IT solutions for the healthcare and social sectors. Founded in 2001 and part of the xt Unternehmensgruppe, it offers consulting, software development, data science, managed services, and cybersecurity. The company targets healthcare providers and social organizations, emphasizing innovative and secure digital health solutions. The website is professionally designed, content-rich, and well-structured, supporting multiple languages and providing clear contact and support channels. Technically, the site uses Drupal 10 and modern web technologies, but suffers from critical security issues due to the absence of a valid SSL certificate and HTTPS support, severely impacting its security posture. Privacy compliance is strong with clear cookie consent mechanisms and GDPR-aligned policies. Overall, the business credibility is high, but urgent improvements in SSL/TLS implementation are needed to secure user data and trust.

B

Barmherzige Brüder Wien

bbwien.at

0

Barmherzige Brüder Wien operates as a large, well-established non-profit hospital in Austria, providing a broad range of medical services and patient care. The website reflects a mature digital presence with comprehensive content, clear navigation, and active social media engagement. Technically, the site uses a modern CMS (siteswift) and popular JavaScript libraries to enhance user experience. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, resulting in all traffic being served over HTTP, which exposes users to potential interception risks. The site implements GDPR-compliant privacy and cookie consent mechanisms, indicating awareness of privacy regulations. WHOIS data confirms domain legitimacy and consistency with the hospital's identity. Overall, the site is professional and trustworthy but urgently requires HTTPS implementation to secure user data and improve security posture.

V

Verlag Österreich

verlagoesterreich.at

0

Verlag Österreich is a specialized legal publisher based in Austria, offering a comprehensive range of legal literature including books, eBooks, journals, and commentaries. The website targets legal professionals, academics, students, and institutions, providing an e-commerce platform for purchasing legal publications. The business is well-established with a consistent brand presence and a professional digital footprint. Technically, the website uses a modern tech stack including Apache, jQuery, and a proprietary CMS (Datamints), with good mobile optimization and accessibility features. However, a critical security gap exists due to the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly undermines the site's security posture. Security headers are present but cannot compensate for the lack of encryption. Privacy and cookie policies are comprehensive and GDPR compliant, and the site employs Google Tag Manager for analytics and marketing. Overall, the site is professional and trustworthy but urgently needs to address its SSL/TLS configuration to ensure secure user interactions.

W

WestLicht

westlicht.com

0

WestLicht is a well-established cultural venue in Vienna specializing in photography exhibitions, a camera museum, and related services such as a bookshop and café. The website targets photography enthusiasts and cultural visitors, offering detailed information about exhibitions, events, memberships, and retail options. The domain age of 24 years and consistent WHOIS data support the legitimacy and maturity of the business. Technically, the site uses a modern JavaScript stack with jQuery, Swiper.js, and Google services integrated, managed via the siteswift CMS and hosted by Hetzner Online GmbH. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap, exposing users to potential risks. The site implements a cookie consent mechanism compliant with GDPR, but lacks explicit security policies or incident response information. Overall, the website is professionally designed with good content quality and user experience but requires urgent security improvements to protect visitors and enhance trust.

B

Business Upper Austria - OÖ Wirtschaftsagentur GmbH

biz-up.at

0

Business Upper Austria - OÖ Wirtschaftsagentur GmbH is a government agency serving as the location and investment promotion agency for the state of Upper Austria. The organization provides tailored solutions for companies' investment and innovation projects, supporting national and international businesses with services such as investor services, human capital management, innovation promotion, cooperation facilitation, and industrial transformation. The website reflects a professional and comprehensive digital presence with clear navigation and relevant content targeted at businesses and investors interested in the region. Technically, the website is built on the TYPO3 CMS platform, utilizing modern frontend libraries such as Swiper.js and Font Awesome 6 Pro. The site includes a cookie consent mechanism compliant with GDPR and uses Matomo analytics for user tracking with explicit consent. However, the website suffers from critical security shortcomings, notably the absence of a valid SSL certificate and lack of HTTPS support, which severely impacts the security posture and user trust. Security-wise, while SPF and DMARC records are properly configured to protect email integrity, the lack of TLS encryption and modern security headers exposes the site to risks. No incident response or security policy information is publicly available, which could be a concern for security-conscious visitors. The WHOIS data confirms the domain's legitimacy and consistency with the business claims, reinforcing trust in the entity behind the website. Overall, the site is content-rich and professionally presented but requires urgent security improvements to enable HTTPS and modern TLS protocols to protect user data and enhance trust. Strategic recommendations include obtaining and maintaining a valid SSL certificate, enabling HSTS, and improving security headers. These steps will significantly improve the security posture and compliance standing of the website.

K

Kreisel Electric GmbH

kreiselelectric.com

0

Kreisel Electric GmbH is a medium-sized Austrian company specializing in advanced battery technology and high-voltage battery systems for electrification projects across commercial, marine, off-highway, and motorsport sectors. The company leverages patented immersion cooling technology to deliver high safety, performance, and longevity in their products. Their market position is strengthened by strategic partnerships with industry leaders such as BASF and Allego, reflecting a commitment to sustainability and innovation. The website is professionally designed, content-rich, and targets B2B customers seeking electrification solutions. Technically, the site is built on WordPress with modern SEO and marketing tools like Google Tag Manager and OneTrust for cookie consent. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, exposing users to potential risks. Privacy compliance is addressed through comprehensive policies linked to Deere & Company, indicating a strong privacy posture. Contact information is clearly provided, enhancing business credibility. Overall, while the business and technical maturity are solid, urgent improvements in security infrastructure are recommended.

BEST - Bioenergy and Sustainable Technologies GmbH is a medium-sized Austrian research organization specializing in sustainable bioenergy technologies. The company focuses on developing biomass-based biorefineries, digital methods for energy systems, and sustainable supply and value chains. Their market position is that of a technological leader and research center in Austria and Central Europe, serving research institutions, industry partners, and policymakers. The website provides comprehensive information on projects, publications, and company offices, targeting stakeholders interested in renewable energy and bioeconomy. Technically, the website uses a CakePHP CMS with Bootstrap and common JavaScript libraries but lacks HTTPS, which is a critical security gap. The site is mobile-optimized and has good content quality and navigation but suffers from slow performance and basic SEO and accessibility. Security posture is weak due to missing SSL/TLS and modern security headers, though session cookies are set with secure flags and X-Frame-Options is enabled. Privacy compliance is basic with a cookie consent banner and a privacy policy PDF in German. Contact information is clearly presented with multiple Austrian office locations and verified company emails and phone numbers. Analytics tools include Google Analytics and Matomo, indicating moderate user tracking. Overall, the site is professional and trustworthy but requires urgent security improvements to enable HTTPS and enhance security headers.

B

bulmor industries GmbH

bulmor-airground.com

0

Bulmor airground technologies GmbH is a specialized manufacturer of medical highloaders (Ambulift SideBull) designed to facilitate safe and efficient boarding of mobility-impaired passengers at airports. The company has a niche market position with patented technology and partnerships with major airports and airlines. The website is built on TYPO3 CMS and uses several JavaScript libraries for enhanced user experience. However, the site lacks a valid SSL certificate, which significantly impacts its security posture. Privacy and cookie policies are present and GDPR compliant, and contact information is clearly provided. The domain is mature and trustworthy, registered since 2011 with no suspicious patterns beyond lack of domain protection locks.

K

Startseite - KFV - Kuratorium für Verkehrssicherheit

kfv.at

0

Security assessment completed with an overall score of 0/100 (unknown risk). 4 critical issues require immediate attention. Total of 28 security findings identified across all modules.

A

Audit Partner Austria Wirtschaftsprüfer GmbH

auditpartner.at

0

Audit Partner Austria Wirtschaftsprüfer GmbH is a professional services firm specializing in tax consulting and auditing services primarily serving Austrian businesses and professionals. The company emphasizes expertise, personal consultation, and proactive advisory services. Their website reflects a medium-sized firm with a consistent brand and a clear focus on finance-related services. The technical infrastructure is based on WordPress with common web technologies such as jQuery and Bootstrap, hosted on Austrian DNS infrastructure. However, the website lacks a valid SSL certificate, which significantly impacts its security posture. While basic security headers like HSTS are present, they are ineffective without HTTPS. The site provides comprehensive contact information and privacy policies, but lacks cookie consent mechanisms and explicit security or incident response policies. Overall, the website is professional and trustworthy but requires urgent improvements in SSL configuration and security transparency.

Croma-Pharma is a medium-sized Austrian company specializing in minimally invasive aesthetic medical products, including hyaluronic acid fillers, botulinum toxin, skin boosters, and skincare lines with plant-exosomes. The company targets healthcare professionals and aesthetic practitioners, offering both products and business services such as consulting and education. The website is professionally designed with good content quality and clear navigation, supporting multiple languages and regions. Technically, the site uses Silverstripe CMS and integrates Google Analytics and reCAPTCHA for user tracking and security. However, a critical security weakness is the lack of a valid SSL certificate and HTTPS support, exposing users to potential risks. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the site demonstrates a solid business presence but requires urgent security improvements to protect user data and enhance trust.

M

MTEL Austria

mtel.at

0

MTEL Austria is a telecommunications provider offering a range of services including mobile tariffs, internet, and TV entertainment packages primarily targeting private and business customers in Austria. The company is part of the Telekom Serbien Group, indicating a solid regional market presence. The website is professionally designed with good content quality, clear navigation, and mobile optimization. It leverages modern JavaScript libraries and integrates marketing and analytics tools such as Google Tag Manager, Hotjar, and Cookiebot for consent management. However, the site currently lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security shortfall. Security headers are properly configured, but the absence of HTTPS and modern TLS protocols significantly lowers the security posture. Privacy and cookie policies are comprehensive and GDPR compliant, with a consent mechanism in place. Contact information including email and phone numbers is clearly provided, enhancing business credibility. Overall, the website is functional and professional but requires urgent security improvements to protect user data and build trust.

T

TAUERN SPA World Betriebs GmbH & Co KG

tauernspakaprun.com

0

TAUERN SPA Kaprun is a mature, well-established 4-star superior resort located in the Austrian Alps, offering a comprehensive spa and wellness experience combined with high-quality accommodation and culinary services. The business is part of the VAMED Vitality World group, indicating strong market positioning in the hospitality and wellness sector. The website is professionally designed with rich content, clear navigation, and strong trust signals including multiple awards and certifications. Technically, the site uses Pimcore CMS and integrates modern tracking and consent management tools, but suffers from a critical security weakness due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts its security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

S

starlim sterner

starlim-sterner.com

0

starlim sterner is a well-established Austrian manufacturing company specializing in liquid silicone injection molding, holding a world market leader position. Their website reflects a mature business with comprehensive service offerings including product development, tooling, and cleanroom production. Technically, the site is built on WordPress with modern SEO and cookie consent implementations, but lacks a valid SSL certificate, which is a critical security gap. The security posture is basic with no advanced protections like DNSSEC or security headers. Privacy compliance is strong with GDPR-aligned policies and cookie management. Overall, the business presents a professional image with moderate website performance and good user experience, but must urgently address HTTPS and security hardening to improve trust and security.

Eblinger & Partner Personal- und Managementberatungs GmbH is a medium-sized Austrian consulting firm specializing in executive search, personnel consulting, and development services. Established since the 1990s, it holds a strong market position among Austria's top 10 personal consulting firms and is a member of international networks such as IIC Partners and AESC. The company emphasizes strategic, sustainable consulting with a focus on ESG compliance and diversity. Technically, the website uses jQuery and custom scripts but suffers from slow load times and lacks modern security configurations such as HTTPS. Security posture is weak due to the absence of SSL/TLS and security headers, posing risks to user data and trust. Privacy compliance is strong with clear policies and cookie consent mechanisms. Overall, the website is professional and trustworthy but requires urgent security improvements.

N

New Frontier Investment AG

newfrontier.eu

0

New Frontier Investment AG is a technology-focused investment group based in Vienna, Austria, specializing in leading digital transformation initiatives with enterprise customers globally. The company manages a portfolio of subsidiary companies across various technology sectors, positioning itself as a key player in digital innovation and enterprise solutions. The website reflects a professional business presence with clear branding and consistent messaging about its investment and transformation leadership role. Technically, the website is built on WordPress with common plugins such as LayerSlider and Contact Form 7, but suffers from critical security shortcomings including lack of a valid SSL certificate and disabled HTTPS, which significantly impacts its security posture. The absence of privacy and cookie policies further reduces compliance with GDPR and privacy best practices. Contact information is clearly provided, including a physical address, phone number, and a contact form protected by Google reCaptcha, indicating some level of user interaction security. Overall, the site is functional and professional but requires urgent improvements in security and privacy compliance to meet modern standards.

G

George Labs GmbH

george-labs.com

0

George Labs GmbH operates the digital banking platform 'George', serving over 10 million users across Europe. The platform is positioned as a modern, intelligent, and personal financial companion, backed by Erste Group Bank AG. The website reflects a mature digital presence with professional design, clear branding, and multi-country banking partnerships. Technically, the site is built on WordPress with Elementor and uses modern web technologies, but suffers from critical SSL/TLS misconfigurations that undermine security. Privacy compliance is well addressed with GDPR-aligned cookie consent and policies. Overall, the business is credible and well-positioned in the European digital banking sector, but must urgently address its SSL issues to ensure user trust and security.

P

Porsche Informatik Gesellschaft m.b.H.

porscheinformatik.at

0

Porsche Informatik Gesellschaft m.b.H. is a medium-sized Austrian company specializing in software solutions and IT services for the automotive industry, operating as a subsidiary of the Porsche Holding group. The company focuses on digitalizing automotive trade and enabling future mobility through specialized software development. Their website reflects a professional and consistent brand image, targeting automotive clients and IT professionals. Technically, the site is built on WordPress with PHP 7.2.24 and Apache, but lacks a valid SSL certificate, which is a critical security shortfall. The absence of HTTPS impacts user trust and security posture significantly. Privacy and cookie policies are well implemented and GDPR compliant, with clear contact information provided. Social media presence is robust, supporting brand trust and outreach.

G

Gerhard Trittenwein

bindertrittenwein.com

0

Gerhard Trittenwein operates a specialized IT consulting and project management business focused on complex IT, change management, and digital transformation projects. The company emphasizes lean and agile methodologies to deliver early and visible results, targeting organizations facing challenging IT projects. The website presents a professional image with clear service offerings and contact information, supported by over 30 years of experience. Technically, the site uses Mono CMS with external CDNs and integrates Google Analytics and ConsentManager for tracking and cookie consent. However, the absence of a valid SSL certificate and HTTPS support is a critical security flaw, exposing visitors to risks and undermining trust. Privacy policies and cookie consent mechanisms are in place, indicating GDPR awareness, but no security policy or incident response information is provided. Overall, the business appears legitimate and consistent with its domain registration and DNS records, but urgent improvements in security posture are needed.

Docolution GmbH is a specialized Austrian company providing tailored document management and output management solutions, focusing on quality assurance, accessibility, and customer communication. Their business model targets organizations requiring professional document handling and communication services, supported by consulting and software development. The website reflects a professional presence with clear service offerings and contact information, but lacks some standard compliance documents such as privacy policy and terms of service. Technically, the site uses modern web technologies including JavaScript, jQuery, and Google Analytics, and is mobile optimized with good accessibility features. However, the absence of HTTPS and a valid SSL certificate is a critical security shortfall, exposing users to risks and undermining trust. Security headers are minimal, and no advanced security policies or incident response contacts are published. Overall, the site is functional and credible but requires urgent improvements in security and privacy compliance to meet modern standards.

M

moodley design group

moodley.at

0

Moodley design group is a medium-sized, Austria-based consultancy specializing in brand and business transformation through strategy, design, and technology services. The company targets businesses and organizations seeking to accelerate their brand transformation and growth, especially in challenging times. Their market position is that of an established design and strategy consultancy with an international presence, offering services including brand transformation, product design, and digital product and service design. The website content is professionally crafted, with clear navigation and strong branding consistency, targeting a professional audience. Technically, the website is built on a modern stack including nginx, JavaScript, Vimeo embeds, and uses Usercentrics for consent management and Google Tag Manager for analytics. The CMS appears to be Statamic. However, performance metrics are missing, and the site lacks HTTPS, which is a critical security shortfall. Mobile optimization and SEO are good, but accessibility is basic. From a security perspective, the absence of a valid SSL certificate and HTTPS is a major vulnerability, exposing users to risks. No advanced security headers or policies are implemented, and no incident response or vulnerability disclosure information is available. Cookie consent and privacy policies are present and GDPR compliant, indicating good privacy practices. Overall, the website is professional and trustworthy in business presentation but requires urgent security improvements, especially enabling HTTPS and enhancing security headers, to protect users and improve trustworthiness. Strategic recommendations include immediate SSL installation, security header implementation, and enhanced incident response transparency.

C

Campus Tivoli

politische-akademie.at

0

Campus Tivoli, formerly known as Politische Akademie, is a politically affiliated educational institution serving as a think tank and training center for the Austrian People's Party. It offers political education, seminars, e-learning, podcasts, and publications aimed at fostering liberal-conservative and Christian-democratic political thought in Austria. The website is well-structured, content-rich, and targets politically engaged individuals and learners. Technically, it is built on WordPress with Elementor, WooCommerce, and Tutor LMS plugins, indicating a mature digital infrastructure for content delivery and e-commerce. However, a critical security gap exists due to the absence of a valid SSL certificate, exposing users to potential risks. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Contact information and social media presence are clearly provided, enhancing business credibility.

L

Light for the world INTERNATIONAL

light-for-the-world.org

0

Light for the World International is a well-established non-profit organization founded in 2004, focused on disability rights and eye health globally. The organization operates multiple country-specific websites, indicating a broad international presence and a strong commitment to inclusive education, economic empowerment, and humanitarian action. Their website content is rich, professionally designed, and regularly updated, targeting individuals and organizations interested in disability inclusion and health advocacy. Technically, the website is built on WordPress with modern SEO plugins and accessibility features, providing a good user experience and mobile optimization. However, the hosting environment lacks a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the security posture. Other security headers and best practices are partially implemented but require improvement. The security posture is currently weak due to missing HTTPS and related configurations, posing risks to user data confidentiality and trust. Privacy compliance is well addressed with GDPR-compliant cookie consent mechanisms and a comprehensive privacy policy. Business credibility is high, supported by transparent WHOIS data, trust seals, and clear contact information. Overall, the website is functional and trustworthy from a business and content perspective but requires urgent security enhancements to protect users and improve trustworthiness. Strategic recommendations include immediate SSL certificate installation, enabling HTTPS, and strengthening security headers and protocols.

E

ENERGIEALLIANZ Austria GmbH

energieallianz.com

0

ENERGIEALLIANZ Austria GmbH is a mature and leading energy sales and trading company in Austria, founded in 2001. The company serves a large customer base including private, commercial, and industrial clients with electricity, natural gas, and related services. The website reflects a professional corporate presence with good content quality, customer testimonials, and comprehensive contact information. Technically, the site is built on TYPO3 CMS with standard web technologies but suffers from critical security shortcomings, notably the absence of a valid SSL certificate and HTTPS support, which significantly impacts the security posture. Privacy compliance is well addressed with clear cookie consent mechanisms and a comprehensive privacy policy. However, the lack of visible security policies, incident response contacts, and terms of service pages are gaps in governance documentation. Overall, the website is functional and credible but requires urgent security improvements to protect user data and enhance trust.

N

Netural Group GmbH

netural-group.com

0

Netural Group GmbH is a well-established digital services holding company based in Austria, operating primarily in the DACH region. Founded in 1998, it encompasses one of the longest-standing digital service providers and a company building entity focused on digital business models. The company emphasizes sustainable digital transformation and product development, with a clear market position as a pioneer in the digital space. The website reflects a professional and consistent brand image, targeting businesses seeking digital innovation and company formation services. Technically, the site leverages modern frameworks such as Nuxt.js and Tailwind CSS, hosted on Amazon CloudFront with nginx, ensuring a moderate performance and good mobile optimization. However, the security posture is weakened by an invalid SSL certificate and lack of advanced security headers, which should be addressed promptly to protect user data and enhance trust. Privacy compliance is adequate with a GDPR-compliant privacy policy, though cookie consent mechanisms are absent. Overall, the site is credible and functional but requires improvements in security and privacy transparency to reach higher trust and compliance levels.

P

Paris Lodron Universität Salzburg

uni-salzburg.at

0

Paris Lodron Universität Salzburg is a large, well-established public university in Austria, founded in 1622. It offers a broad range of academic programs across six faculties and serves approximately 18,000 students. The university maintains a strong regional and international research presence and provides extensive student services and community engagement. The website reflects a mature digital presence with comprehensive content, clear navigation, and consistent branding. Technically, the site is built on WordPress with common web technologies such as jQuery and CSS. However, the absence of a valid SSL certificate and HTTPS support is a significant security shortfall, exposing users to potential risks. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanism. The university demonstrates trustworthiness through certifications and active social media engagement.

KAUN GmbH is a medium-sized carpentry business based in St.Florian, Upper Austria, specializing in manufacturing and installation of windows, doors, furniture, sun protection, and window renovation services. The company targets residential and commercial customers within the region, emphasizing quality craftsmanship and sustainability. The website is built on Joomla CMS using the Helix Ultimate framework and incorporates modern frontend technologies such as Bootstrap and jQuery. However, the site lacks HTTPS, which is a critical security deficiency. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Social media presence on Instagram and Facebook supports customer engagement. Overall, the business presents a professional image but must urgently address security gaps to protect user data and improve trust.

F

Freiform Werkzeugbau GmbH

freiform.eu

0

Freiform Werkzeugbau GmbH is a small manufacturing company specializing in tooling, plastic, aluminum, and graphite electrode products, serving clients primarily in Austria, Switzerland, and Germany. The website is built on WordPress with a modern tech stack including PHP 8, Yoast SEO, and GDPR-compliant cookie management. However, the site lacks a valid SSL certificate, exposing it to security risks and reducing trustworthiness. Legal and privacy documentation is comprehensive and GDPR compliant, with a cookie consent mechanism in place. The site uses Matomo for analytics, indicating a moderate level of user tracking with privacy considerations. Overall, the business presents a professional image but must urgently address its lack of HTTPS to improve security and user trust.

P

Pörner Ingenieurgesellschaft mbH

poerner.at

0

Pörner Ingenieurgesellschaft mbH is a well-established independent engineering company specializing in process engineering plant construction, headquartered in Vienna, Austria. With approximately 550 engineers across 10 European locations, the company serves industrial sectors including refineries, petrochemical, chemical, energy, gas, and pharmaceuticals. Pörner is recognized globally for its Biturox® bitumen oxidation technology, having licensed and built over 60 plants worldwide. The website reflects a professional business presence with comprehensive service descriptions and active news updates. Technically, the site is built on TYPO3 CMS with common JavaScript libraries, but suffers from slow load times and lacks a valid SSL certificate, which is a critical security concern. The security posture is weak due to missing HTTPS, lack of security headers, and no advanced SSL features. Privacy compliance is strong with a clear cookie consent mechanism and GDPR-aligned privacy policy. Overall, the site demonstrates good business credibility but requires urgent security improvements to protect user data and enhance trust.

KABEG is a major healthcare provider managing five hospitals in the Kärnten region of Austria, employing approximately 8,000 staff. The organization focuses on delivering professional healthcare services with an emphasis on patient well-being and humaneness. The website serves multiple audiences including patients, healthcare professionals, job seekers, and suppliers. Technically, the site is built on TYPO3 CMS with common web technologies such as jQuery and Bootstrap, hosted likely by A1.net. However, the website suffers from a critical security shortfall due to the absence of a valid SSL certificate and HTTPS support, exposing visitors to potential risks. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and GDPR-aligned privacy policy. Business credibility is strong with clear contact information, certifications, and consistent branding.

W

Wiener Messe und Congress GmbH

messe.at

0

Wiener Messe und Congress GmbH operates the VIECON – Vienna Congress & Convention Center, a leading event venue in Vienna offering flexible spaces for congresses, exhibitions, and corporate events. The website presents a professional image with comprehensive information about the venue, services, and sustainability initiatives. Technically, the site is built on WordPress with modern plugins and SEO optimizations, but lacks a valid SSL certificate, resulting in an insecure HTTP-only connection. Security headers are present but insufficient without HTTPS. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site is credible and well-structured but requires urgent SSL implementation to improve security and trust.

S

SoftwareOne Österreich GmbH

comparex.at

0

SoftwareOne Österreich GmbH is a leading enterprise software and cloud solutions provider with a strong global presence and local expertise in Austria. The company offers a broad range of services including cloud migration, application modernization, IT asset management, software sourcing, and customer training. Their business model focuses on B2B services, supporting digital transformation initiatives for enterprises across multiple industries. Technically, the website is built on modern frameworks such as Next.js and React, hosted on Vercel, and integrates advanced cookie consent and analytics tools. However, the security posture is weakened by an invalid SSL certificate and lack of TLS protocol support, which poses a significant risk. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the website demonstrates high professionalism and business credibility but requires urgent improvements in SSL/TLS configuration to enhance security.

D

dwarfs and Giants eG

dwarfsandgiants.org

0

dwarfs and Giants eG is a small Austrian cooperative consultancy specializing in organizational development and new work methodologies. Their website, built on Drupal 10, offers comprehensive content including workshops, client stories, and toolboxes aimed at helping organizations improve work culture and self-organization. The site is well-designed, mobile-optimized, and provides clear navigation and professional content. However, the technical infrastructure lacks a valid SSL certificate and does not support modern TLS protocols, significantly weakening the security posture. Privacy and cookie policies are present and GDPR compliant, with a consent mechanism implemented. Overall, the business presents itself as credible and trustworthy, but the lack of HTTPS is a critical security gap that must be addressed.

B

Baschnegger Ammann Partner

bap.cc

0

Baschnegger Ammann Partner is a well-established creative agency based in Dornbirn, Austria, specializing in branding, design, communication, and digital marketing services. With over 40 years of experience, the agency targets small to large companies primarily in the Bodensee region and surrounding economic areas. Their market position is strong within western Austria, supported by a professional website showcasing client references and a consistent brand image. Technically, the website is built on WordPress with a modern tech stack including PHP 8.4.8 and various JavaScript libraries, optimized for mobile and SEO. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, exposing users to potential risks. The site implements GDPR-compliant cookie consent mechanisms and uses reputable analytics and marketing tools such as Google Analytics and HubSpot. Overall, the business demonstrates high professionalism and trustworthiness but must address its SSL deficiency to improve security posture and user trust.

H

HEROLD Business Data GmbH

ichbinderherold.at

0

HEROLD Business Data GmbH operates a professional career portal focused on online media and marketing services for Austrian businesses. The company is well positioned as a leading website producer and Google Premium Partner with a strong employer brand. The website content is rich, professionally designed, and targets job seekers and SMEs in Austria. Technically, the site uses Mono CMS and integrates modern tracking and consent management tools but lacks HTTPS, which is a critical security gap. The security posture is weak due to the absence of SSL/TLS encryption and missing security headers. Privacy compliance is good with a clear privacy policy and cookie consent mechanism. Overall, the site is trustworthy but requires urgent security improvements to protect user data and enhance trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 9 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

D

diego5 studios

diego5studios.com

0

diego5 studios is a medium-sized influencer marketing agency and video content production company based in Austria, founded in 2015. It operates the largest influencer community in Austria and offers comprehensive services including influencer marketing, branded entertainment, workshops, and live events. The company targets brands seeking to engage audiences through digital video content and influencer collaborations. The website reflects a professional and consistent brand presence with good content quality and clear navigation, optimized for mobile users. Technically, the site is built on WordPress using common plugins and jQuery libraries, hosted on servers managed by world4you.at. However, the website lacks a valid SSL certificate and HTTPS support, which is a critical security deficiency. Privacy compliance is well addressed with a cookie consent mechanism and a comprehensive privacy policy. The business demonstrates legitimacy through client logos and active social media channels.

The United Nations Office for Outer Space Affairs (UNOOSA) operates as a key UN entity facilitating international cooperation in peaceful space activities, space law, and capacity building. It serves a global audience including member states, space agencies, academia, and industry. The website reflects a mature and consistent brand aligned with UN standards, offering comprehensive information on space policy, events, and programs. Technically, the site uses a legacy tech stack with Apache, jQuery, and Bootstrap, but suffers from slow performance and basic mobile optimization. Security posture is weak due to the absence of a valid SSL certificate and lack of modern TLS protocols, exposing users to risks. Privacy compliance is minimal, lacking cookie consent mechanisms and GDPR indicators. Contact information and social media presence are well established, enhancing business credibility. Overall, the site is authoritative but requires urgent security and privacy improvements.

ISOVOLTA AG is an international leader in manufacturing electrical insulation materials, technical laminates, and composite materials, serving over 20 industries including electronics, aviation, and machinery. The company operates globally with multiple production and sales locations across Europe, Asia, and the Americas. Their business model focuses on B2B manufacturing with strong emphasis on innovation and customer-specific product development. The website reflects a professional and consistent brand presence with comprehensive business and contact information.

H

HABAU

habau.at

0

HABAU is a well-established Austrian construction company with over 110 years of experience, offering a broad range of construction services including high-rise construction, civil engineering, pipeline construction, and precast concrete solutions. It operates as part of the larger HABAU GROUP, which has a significant international presence and a large workforce. The website reflects a professional and content-rich digital presence targeting construction clients, partners, and job seekers. Technically, the site is built on WordPress with common performance and cookie management plugins, but suffers from slow load times and lacks a valid SSL certificate, which is a critical security concern. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Security posture is weak due to missing HTTPS and security headers, exposing the site to risks. Overall, the site is trustworthy and professional but urgently needs to address its SSL and security configuration to protect users and improve trust.

S

SRG IT & Marketing GmbH

leadchamps.co

0

LeadChamps is a small Austrian technology company specializing in sales automation and lead generation services for B2B clients, primarily in the DACH region. Their offerings include intent data lead research, multi-channel campaigns leveraging LinkedIn and email, and a proprietary sales automation platform. The website is built on WordPress with the Divi theme and integrates HubSpot forms for lead capture. While the content is professionally presented and relevant to their target audience, the technical infrastructure lacks a valid SSL certificate and modern TLS protocols, exposing the site to security risks. The absence of cookie consent mechanisms and limited security headers further weaken their privacy and security posture. WHOIS data confirms the legitimacy and consistency of the domain registration with the business claims. Overall, the site demonstrates moderate digital maturity but requires urgent security improvements to protect user data and enhance trust.

RUBICON IT GmbH is a medium-sized Austrian technology company specializing in digitalization solutions and IT services. Their product portfolio includes leading software such as Nova Find, a prominent lost and found software in Europe, alongside other enterprise solutions like Acta Nova and Document Partner. The company also offers professional services, managed services, and training, targeting business and public sector clients seeking digital transformation. The website is professionally designed, multilingual, and well-structured, reflecting a mature digital presence. Technically, the site is built on WordPress with various plugins and frameworks, including ASP.NET components, but suffers from critical SSL/TLS misconfigurations, lacking a valid certificate and modern protocol support. Security headers are partially implemented but incomplete, and no advanced security mechanisms like OCSP stapling or session resumption are enabled. Privacy compliance is strong, with clear cookie consent and a comprehensive privacy policy. Social media integration and certifications like Kubernetes demonstrate trust and industry alignment. Overall, the site is functional and business-credible but requires urgent security improvements to protect user data and enhance trust.

B

BRAUNEIS RECHTSANWÄLTE GMBH

bkp.at

0

BRAUNEIS RECHTSANWÄLTE GMBH is a professional law firm based in Vienna, Austria, specializing in corporate and commercial law, litigation, and real estate legal services. The firm targets national and international companies, investors, developers, local authorities, law firms, and private individuals. It holds a reputable market position supported by rankings from Chambers Global and Legal 500, and features client testimonials that reinforce its credibility. The website reflects a professional and consistent brand image with excellent content quality and user experience. Technically, the website uses Apache server technology, Alpine.js for frontend interactivity, Algolia for search functionality, and Matomo for privacy-conscious analytics. The site is mobile optimized and accessible, but performance metrics are not provided. Hosting appears to be with a1.net DNS and a dedicated IP address. SEO and navigation are well implemented. Security-wise, the site lacks a valid SSL/TLS certificate, resulting in no HTTPS support, which is a critical vulnerability. Other security best practices such as HSTS, DMARC, DNSSEC, and CAA records are missing. No explicit security or incident response policies are published. The cookie consent mechanism is implemented and GDPR compliant, indicating good privacy compliance. Overall, the website is trustworthy and professional but requires urgent security improvements, especially enabling HTTPS to protect user data and improve trust. Strategic recommendations include installing a valid SSL certificate, enabling security headers, and publishing security policies to enhance the security posture and compliance.

K

K&K Provitrum GmbH

kkprovitrum.at

0

K&K Provitrum GmbH is a specialized machinery and material dealer serving the glass industry in Central, Eastern, and Southeastern Europe. The company offers a comprehensive portfolio of glass processing machines, tools, and consumables, targeting a range of customers from small workshops to large industrial enterprises. Their website reflects a professional and consistent brand presence with clear business and contact information. Technically, the website is built on an Apache server with custom CMS elements and uses modern web technologies, but suffers from slow performance and lacks a valid SSL certificate, which is a significant security concern. Security headers are partially implemented, but the absence of HTTPS and modern TLS protocols exposes the site to risks. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism. Overall, the website scores moderately on content quality and business credibility but is penalized heavily for security shortcomings.