Security Directory

U

Universalmuseum Joanneum GmbH

museum-joanneum.at

0

The Universalmuseum Joanneum is Austria's oldest and second largest museum institution, operating 20 museums and one zoo across 14 locations in the Steiermark region. Founded in 1811, it offers a rich cultural, historical, and natural heritage experience to a broad audience including families, schools, and art enthusiasts. The website reflects a professional and comprehensive digital presence with excellent content quality and user experience, supported by a mature TYPO3 CMS platform. However, the technical infrastructure shows significant security weaknesses, notably the absence of a valid SSL certificate and lack of HTTPS support, which critically impacts the site's security posture. Privacy and cookie policies are well implemented and GDPR compliant, but incident response and security policy information are absent. Overall, the site is trustworthy and credible but requires urgent security improvements to protect user data and enhance trust.

F

Felder Group

felder-group.com

0

Felder Group is a well-established manufacturer and distributor of woodworking machines with a global presence and multiple premium brands. The company offers a wide range of products including bandsaws, CNC machines, edgebanders, and automation solutions, targeting professional woodworking trade and industry sectors. The website is professionally designed, multilingual, and rich in content, supporting a strong brand image and customer engagement through testimonials and social media. Technically, the site uses Pimcore CMS, Cloudflare CDN, and integrates Usercentrics for consent management, but lacks a valid SSL certificate, which is a critical security gap. Security headers are minimal, and no advanced security policies or incident response information is published. Privacy compliance is well addressed with clear privacy and cookie policies. Overall, the site is credible and trustworthy but requires urgent security improvements to enable HTTPS and strengthen its security posture.

H

HARTL HAUS

hartlhaus.at

0

HARTL HAUS is a well-established Austrian manufacturer specializing in prefabricated wooden houses, with over 125 years of market presence. The company offers a range of modern bungalow and two-story homes, including individually planned dream houses, all produced in Austria with an integrated carpentry workshop. Their market position is strong, being a quality leader with high customer satisfaction. Technically, the website runs on TYPO3 CMS hosted on an Apache Ubuntu server, with modern marketing and consent tools integrated. However, the lack of a valid SSL certificate and HTTPS support is a significant security gap. The site includes comprehensive privacy and cookie policies with consent mechanisms, but lacks explicit terms of service and incident response information. Overall, the business is credible and trustworthy, but the security posture requires urgent improvement to protect user data and enhance trust.

SONNENTOR Kräuterhandels GMBH operates a professional e-commerce and retail platform specializing in organic teas and spices with a strong commitment to sustainability, direct trade, and eco-friendly packaging. The company has a well-established market presence since 1988, targeting consumers interested in organic and sustainable products. The website is well-designed, mobile-optimized, and provides comprehensive content and navigation. Technically, the site uses modern technologies including Pimcore CMS, Bootstrap framework, and integrates multiple marketing and analytics tools such as Google Tag Manager, Matomo, Emarsys, and Kameleoon. However, the security posture is weakened by the absence of a valid SSL certificate and lack of HTTPS support, which is a critical issue that must be addressed promptly to protect user data and maintain trust. Privacy compliance is strong with clear cookie consent mechanisms and GDPR-aligned privacy policies. Overall, the business credibility is high, supported by clear contact information, certifications, and consistent WHOIS data.

M

MBIT Solutions GmbH

mbit.at

0

MBIT Solutions GmbH is an established Austrian IT service provider specializing in tailored web and software solutions for medium to large enterprises and public organizations. Their offerings include enterprise-grade websites, web development, industry-specific solutions, and B2B e-commerce platforms. The company has a strong market position supported by over two decades of experience and a portfolio of reputable clients. Technically, the website is built on TYPO3 CMS, hosted on Apache servers, and integrates modern marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and LinkedIn Insight Tag. However, the security posture is weakened by the absence of a valid SSL certificate and disabled TLS protocols, which undermines HTTPS security despite the presence of security headers and content security policies. Privacy compliance is well addressed with GDPR-compliant policies and cookie consent mechanisms. Overall, the website demonstrates high professionalism and trustworthiness but requires urgent improvements in SSL/TLS configuration to enhance security and user trust.

L

Ludwig Boltzmann Gesellschaft

rare-diseases.at

0

The Ludwig Boltzmann Institute for Rare and Undiagnosed Diseases (LBI-RUD) is a specialized Austrian research institute focused on investigating rare diseases, particularly those affecting the immune system, blood formation, and nervous system. The institute operated for seven years until March 2023, contributing valuable scientific insights and supporting patients through its research. The website serves as an informational platform targeting researchers, medical professionals, and affected patients, providing news, research areas, and organizational information. The business model is non-profit, funded by grants and public sources, and it operates under the Ludwig Boltzmann Gesellschaft umbrella. Technically, the website is built on WordPress and hosted on servers associated with domaindiscount24.net. While the site has a professional design with good navigation and mobile optimization, it suffers from critical security shortcomings, notably the absence of a valid SSL certificate and HTTPS support. This exposes visitors to potential risks and undermines trust. The site uses Matomo analytics for user tracking and includes a cookie consent banner, indicating some level of privacy compliance, though GDPR compliance is not fully evident. Security posture is weak due to missing HTTPS, lack of security headers, and outdated SSL/TLS configurations. No incident response or security policies are publicly disclosed. Contact information is clearly provided, including phone, address, and an obfuscated email address. Social media presence is active across major platforms, enhancing outreach and trust. Overall, the website is functional and informative but requires urgent security improvements to protect users and enhance credibility. Strategic recommendations include implementing HTTPS, improving security headers, and enhancing privacy compliance documentation.

V

VAMED WWH

vamed.com

0

VAMED WWH is a globally recognized provider of modern hospital solutions, specializing in turnkey projects that encompass design, construction, medical equipment supply, and operational support for healthcare facilities. The company has a strong international presence with a portfolio of approximately 1,000 projects across more than 98 countries, serving government health ministries and healthcare providers. The website reflects a professional and comprehensive presentation of their services and project achievements, targeting healthcare infrastructure stakeholders worldwide. Technically, the site is built on WordPress with Elementor and related plugins, offering good mobile optimization and accessibility but suffers from the critical absence of a valid SSL certificate, resulting in no HTTPS support. This significantly impacts the site's security posture and user trust. Privacy and cookie policies are well implemented with consent mechanisms, aligning with GDPR requirements. Overall, the business credibility and content quality are high, but the lack of HTTPS is a major security concern that needs immediate remediation.

Raiffeisen Zertifikate is a leading Austrian financial services provider specializing in certificate investment products, with a strong market position evidenced by multiple awards. The website is professionally designed, content-rich, and targets investors interested in sustainable and flexible investment options. Technically, the site uses TYPO3 CMS, integrates modern analytics and marketing tools, and is hosted behind Cloudflare. However, the security posture is weakened by the absence of a valid SSL certificate and disabled modern TLS protocols, which poses risks to data confidentiality and user trust. Privacy compliance is well addressed with comprehensive policies and cookie consent mechanisms. Overall, the site is trustworthy but requires urgent SSL/TLS remediation to improve security and user confidence.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 10 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

L

LOOP New Media GmbH

agentur-loop.com

0

LOOP New Media GmbH is a global digital agency specializing in digital brand building, technology, and content production for leading consumer brands. With over 400 talents across 7 offices worldwide, the company serves a diverse portfolio of high-profile clients such as Puma, Red Bull, Audi, and Breitling. The website reflects a professional and consistent brand image targeting enterprises seeking comprehensive digital marketing and content services. Technically, the site is built on Craft CMS, uses Cloudflare for hosting and CDN, and integrates Google Tag Manager for analytics. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap. Security headers are partially implemented, but modern TLS protocols and HSTS are missing, reducing the overall security posture. Privacy compliance is well addressed with clear cookie consent mechanisms and a comprehensive privacy policy. Contact information is primarily via email with multiple office locations listed, but no phone numbers are explicitly provided. Overall, the site is professional and trustworthy but requires urgent security improvements to protect user data and enhance trust.

E

evolaris next level GmbH

evolaris.net

0

evolaris next level GmbH is a technology-focused company specializing in mobile communication and digital innovation services. Their website highlights their role as a bridge between science and business, offering digital assistance systems, customized solutions, software engineering, user experience design, and research activities. The company targets enterprises seeking to enhance their digital capabilities and innovation potential. The website is professionally designed, with clear navigation and relevant content, supporting their market position as an established innovation center in Austria. Technically, the website runs on WordPress CMS with common plugins such as NextGEN Gallery and EvoSlider, and uses Apache server hosting likely provided by Hetzner. While the site includes Google Analytics for user tracking, performance metrics are not optimal, and mobile optimization is good. However, a critical technical shortfall is the lack of a valid SSL certificate and HTTPS support, exposing users to security risks. From a security perspective, the site lacks HTTPS, HSTS, and modern TLS protocol support, which are fundamental for secure communications. No advanced security headers or incident response contacts are found. The absence of cookie consent mechanisms and limited privacy policy details indicate partial GDPR compliance. The WHOIS data aligns well with the website's business information, supporting legitimacy. Overall, the website presents a moderate risk profile primarily due to missing HTTPS and security best practices. Strategic improvements in SSL configuration, security headers, and privacy compliance would significantly enhance trust and security posture.

CARE Österreich is a well-established non-profit organization focused on humanitarian aid and sustainable development in over 100 countries. The website reflects a professional and content-rich platform targeting donors, partners, and beneficiaries. The technical infrastructure is based on WordPress hosted on WP Engine, utilizing modern plugins and tracking tools with GDPR-compliant cookie consent. However, the absence of a valid SSL/TLS certificate is a critical security flaw that exposes users to risks and undermines trust. While privacy policies and contact information are comprehensive and transparent, the lack of incident response and security policy pages indicates room for improvement in security governance. Overall, the site demonstrates strong business credibility and user experience but requires urgent security enhancements.

Volkswagen Versicherungsdienst GmbH (VVD) is a medium-sized insurance service company operating as a subsidiary of Porsche Bank in Austria. It specializes in providing automotive insurance products and services to customers of Volkswagen Group brands and other vehicle owners. The website presents a professional and consistent brand image with comprehensive service offerings including liability, partial and full coverage insurance, legal protection, and additional guarantees. Technically, the site is built on Craft CMS and leverages Cloudflare for hosting and security, along with modern marketing and analytics tools such as Google Tag Manager and Facebook Pixel. However, a critical security gap exists due to the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly undermines the security posture. Privacy compliance is well addressed with a detailed privacy policy and cookie consent mechanism. Contact information is clearly provided, enhancing business credibility.

A

apis labor GmbH

apislabor.at

0

apis labor GmbH is an Austrian company operating as the first fully digitalized GMP laboratory in Austria, offering laboratory and consulting services primarily to the life science sector across Austria and the European Union. The company emphasizes professionalism, flexibility, and extensive experience in the life science field. The website is built on the Squarespace platform, featuring professional design and basic mobile optimization, but lacks performance metrics and advanced accessibility features. Security posture is weak due to the absence of a valid SSL certificate and HTTPS, no modern TLS protocols enabled, and missing security headers such as HSTS. Privacy compliance is partial with a cookie consent banner present but no privacy policy or terms of service pages found. Contact information and social media presence are clearly provided, supporting business credibility. Overall, the website presents a legitimate business but requires significant improvements in security and privacy compliance to meet modern standards.

The domain ipnetcom.at currently hosts a minimal website that immediately redirects visitors to innonet.at. There is no substantive content, metadata, or business information present on the site itself. The domain is registered and DNS records point to a hosting provider associated with innonet.at, indicating a likely relationship or ownership. However, the lack of SSL/TLS encryption and absence of security headers represent significant security weaknesses. No privacy or cookie policies are published, and no contact or business details are provided on the site. Overall, the digital presence is minimal and does not support a standalone business website.

T

Treibacher Industrie AG

treibacher.com

0

Treibacher Industrie AG is a well-established Austrian company specializing in chemical and metallurgical precursors with a global market presence and over 125 years of experience. The website reflects a professional and comprehensive digital presence with detailed product portfolios, sustainability focus, and clear contact information. Technically, the site is built on WordPress with modern plugins for SEO, caching, and cookie management, but critically lacks HTTPS, exposing visitors to security risks. Privacy compliance is well addressed with cookie consent and a detailed privacy policy. The absence of explicit security policies and incident response information suggests room for improvement in security governance. Overall, the site is trustworthy and business credible but requires urgent security enhancements.

FERNBACH Financial Software operates FlexFinance, a specialized software suite designed to optimize lending business processes including loan origination, credit lifecycle management, and risk management. The company targets banks and financial institutions, offering solutions that enhance efficiency, transparency, and compliance. With a user base exceeding 12,000 and over one million credit decisions processed annually, FERNBACH holds a solid position in the finance software niche, supported by multilingual capabilities and a consistent brand presence. Technically, the website employs modern front-end technologies such as jQuery, Bootstrap, and Popper.js, alongside analytics tools like Google Analytics and Microsoft Clarity. However, the site suffers from poor performance with a notably high load time and lacks a valid SSL certificate, which critically undermines its security posture. The absence of HTTPS and security headers exposes the site to potential risks, despite no detected vulnerabilities in SSL protocols themselves. Privacy compliance is well addressed with comprehensive privacy and cookie policies, including consent mechanisms aligned with GDPR requirements. Contact information is limited but present, primarily via a company email address. The overall website quality is good in terms of design, content relevance, and user experience, though technical and security improvements are necessary. Strategically, the company should prioritize securing its website with a valid SSL certificate and enabling HTTPS to protect user data and improve trust. Performance optimization and implementation of security headers would further enhance the site's security and user experience. Maintaining transparent privacy practices and expanding contact options could strengthen business credibility and customer confidence.

S

Samsung SDI Battery Systems GmbH

samsungsdibs.at

0

Samsung SDI Battery Systems GmbH is a medium-sized company specializing in the development, testing, and industrialization of advanced lithium-ion battery systems for electric and hybrid vehicles. Located in Kalsdorf near Graz, Austria, the company is part of the Samsung SDI family and holds multiple ISO certifications demonstrating a strong commitment to quality, environmental management, information security, and cybersecurity. The website presents a professional and content-rich digital presence targeting automotive OEMs and stakeholders in the e-mobility sector. Technically, the site is built on WordPress with Elementor and uses Matomo for analytics, but lacks HTTPS, which is a critical security shortfall. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the company shows a strong market position in energy and transportation sectors with a focus on sustainability and innovation.

Silhouette International Schmied AG is a well-established manufacturer and market leader specializing in premium rimless eyewear. The company targets consumers and businesses seeking high-quality, innovative eyewear products. Their website reflects a professional brand image with consistent messaging and clear business focus. Technically, the website is built on modern technologies including Storyblok CMS and Vue.js, with content delivery optimized via Amazon CloudFront. However, the website lacks a valid SSL certificate and does not support HTTPS, which significantly undermines its security posture. Security headers are partially implemented but cannot compensate for the absence of proper encryption. Privacy and cookie policies are missing, indicating compliance gaps with GDPR and related regulations. Overall, the website demonstrates moderate digital maturity but requires urgent security improvements to protect user data and enhance trust.

A

Alicona Imaging GmbH

alicona.com

0

Alicona Imaging GmbH operates as a global provider of optical 3D metrology and surface roughness measurement solutions, specializing in non-contact measurement technologies based on Focus-Variation. The company targets manufacturing sectors such as automotive, aerospace, medical technology, and precision manufacturing, offering devices and automation solutions to enhance quality assurance and production measurement. The website reflects a mature digital presence with professional design, comprehensive content, and active engagement through blogs and events. However, the absence of a valid SSL certificate and HTTPS implementation represents a critical security vulnerability that undermines user trust and data protection. The technical infrastructure leverages modern frameworks and CMS platforms, but performance issues such as slow load times need addressing. Privacy compliance is well managed with cookie consent mechanisms and clear privacy policies. Overall, Alicona demonstrates strong business credibility but must urgently improve its security posture to align with best practices and regulatory requirements.

Ö

ÖAR GmbH

oear.at

0

ÖAR GmbH is a consulting company specializing in regional development, organizational cooperation, and evaluation services primarily targeting organizations, communities, and regions. The company positions itself as a professional and experienced niche player with international reach, supported by a well-structured and content-rich website. Technically, the site is built on WordPress with common plugins and libraries, but suffers from a lack of HTTPS and valid SSL certificate, which significantly impacts its security posture. Privacy and legal compliance are well addressed with clear policies and contact information. Overall, the website is professional and trustworthy but requires urgent improvements in security to protect user data and enhance trust.

K

Kaleidoscope GmbH

kaleidoscope.at

0

Kaleidoscope GmbH is a medium-sized technology company specializing in terminology management, quality management, translation, and documentation services. They provide a comprehensive suite of software and consulting services aimed at enabling businesses to communicate content globally in a consistent and efficient manner. Their market position is supported by long-standing client relationships and partnerships with technology providers such as Eurocom, Congram, and Greatcontent. The website is professionally designed, content-rich, and optimized for SEO, targeting companies seeking global content solutions. Technically, the site is built on WordPress with modern plugins and themes but lacks a valid SSL certificate, which is a significant security concern. The security posture is basic with several missing best practices, including HTTPS and TLS support. Privacy compliance is well addressed with cookie consent and privacy policies in place. Overall, the site is trustworthy but requires urgent security improvements.

I

ING

ing.at

0

The website ing.at serves as an informational landing page announcing the transfer of ING Austria's private banking business to bank99 AG as of November 30, 2021. It provides contact information for former customers and legal representatives handling specific cases. The site is primarily targeted at former ING Austria private banking customers and does not offer active banking services. Technically, the site uses modern web technologies including Lit for UI components, service workers for offline capabilities, and integrates third-party services such as Usercentrics for cookie consent and Webtrekk for analytics. However, the SSL configuration is critically flawed with no valid certificate and no TLS protocols enabled, severely impacting security posture. Security headers are well implemented but undermined by the lack of proper SSL. The domain registration and DNS records are consistent with a legitimate banking entity, and the site includes standard privacy and cookie policies compliant with GDPR. Overall, the site is professional and trustworthy in content but requires urgent remediation of SSL issues to ensure secure user access.

The website for t-systems.at is currently inaccessible, returning a 403 Forbidden error with minimal HTML content, indicating that access is blocked or restricted. The domain is registered and maintained by a reputable telecommunications entity associated with Telekom, as evidenced by DNS and WHOIS data. However, the lack of SSL/TLS encryption and absence of any visible website content or metadata severely limits the ability to assess the company's digital presence and user engagement. The technical infrastructure shows hosting behind an AWS Elastic Load Balancer but without proper HTTPS configuration, which is a critical security gap. Security posture is weak due to missing HTTPS, lack of security headers, and no advanced protections such as HSTS or OCSP stapling. Overall, the site is not currently usable for public interaction or business communication, and the security risks are significant due to the absence of encryption and content access restrictions.

P

PARTNER Consulting+Projects GmbH

partner-cp.com

0

PARTNER Consulting+Projects GmbH is a specialized consulting and project realization company serving cultural institutions and museums primarily in Austria and beyond. With over 30 years of experience, the company offers comprehensive services including consulting, project management, sustainability solutions, and interim management. Their market position is well-established with a strong portfolio of projects and partnerships. Technically, the website is built on WordPress with modern plugins and hosted on WP Engine with Cloudflare CDN, reflecting a mature digital infrastructure. However, the lack of a valid SSL certificate and disabled TLS protocols represent significant security weaknesses. Privacy compliance is well addressed with GDPR-aligned cookie consent and privacy policies. Overall, the business demonstrates professionalism and trustworthiness but must urgently address its SSL/TLS security to protect user data and improve trust.

A

Axians ICT Austria GmbH

axians.at

0

Axians ICT Austria GmbH is a well-established IT service provider in Austria, offering a broad range of IT solutions including cloud services, cyber security, enterprise networks, and SAP consulting. The company targets business customers across various industries and emphasizes a human-centric approach to technology. Technically, the website is built on WordPress with modern libraries and integrates analytics and marketing tools such as Matomo and HubSpot. However, the site suffers from a critical security issue due to the absence of a valid SSL certificate and lack of HTTPS support, which significantly impacts its security posture. Privacy compliance is strong, with comprehensive policies and consent mechanisms in place. Overall, the website is professional and trustworthy but requires urgent improvements in its SSL/TLS configuration to enhance security and user trust.

R

Rosendahl Nextrom GmbH

rosendahlnextrom.com

0

Rosendahl Nextrom GmbH is a well-established global leader in production technologies serving the battery, cable & wire, and optical fiber industries. The company offers sophisticated manufacturing equipment and tailor-made solutions, targeting industrial manufacturers worldwide. The website reflects a mature business with a professional digital presence, including multi-language support and structured data for SEO. Technically, the site uses WordPress with Elementor and performance optimizations like WP Rocket, hosted behind Cloudflare CDN. However, a critical security gap exists as the site lacks HTTPS/SSL encryption, exposing users to potential risks. Privacy compliance is addressed with a privacy policy and cookie consent via Cookiebot. Business credibility is strong with clear contact forms and parent company affiliation to KNILL Gruppe. Overall, the site is content-rich and professionally maintained but requires urgent security improvements.

M

mehrwert.life

ihrmehrwert.at

0

The website ihrmehrwert.at represents a small Austrian consulting and coaching business focused on personal and business transformation for entrepreneurs. The company offers services to help clients develop new behaviors for improved life quality, operational stability, and business model innovation. The site is professionally designed with consistent branding and includes customer testimonials and LinkedIn profiles to build trust. Technically, the site uses the WebPlatform CMS hosted on Amazon AWS, with integrations such as Google Calendar and Google reCAPTCHA. However, the site lacks a valid SSL/TLS certificate and does not serve content over HTTPS, which is a critical security shortfall. Security headers are minimal, and no incident response or security policies are published. Privacy and cookie policies exist but are hosted externally on Google Drive, with a cookie consent mechanism implemented. Overall, the site is functional and informative but requires urgent security improvements to protect user data and enhance trust.

D

Die Presse Verlags-Gesellschaft m.b.H. & Co KG

diepresse.com

0

Die Presse is a prominent Austrian media company operating a comprehensive online news portal offering premium journalism, podcasts, videos, and newsletters targeting German-speaking audiences primarily in Austria. The website demonstrates a mature digital infrastructure leveraging modern JavaScript frameworks (Vue.js), advanced consent management (Didomi), and multiple advertising and analytics platforms. However, the security posture is notably weak due to the absence of a valid SSL certificate and disabled TLS protocols, exposing users to potential risks. Privacy compliance is robust with clear policies and consent mechanisms in place. Overall, the site is professionally designed and content-rich but requires urgent security improvements to protect user data and maintain trust.

D

Design Storz GmbH

designstorz.com

0

Design Storz GmbH is a small, established Austrian design studio with over 38 years of experience specializing in automotive, product, graphic design, branding, and design strategy. The company serves international clients including major automotive brands and consumer product companies. The website is built on WordPress using popular plugins and page builders, presenting professional content and clear navigation primarily in German. However, the technical infrastructure lacks a valid SSL certificate and modern TLS protocols, exposing the site to security risks. Privacy and cookie policies are present and indicate GDPR compliance, but no explicit security or incident response policies are found. Overall, the business credibility is moderate, supported by consistent WHOIS data and a clear contact presence. The security posture is weak due to missing HTTPS and security headers, which should be addressed urgently to protect user data and improve trust.

Ing. Michael Josef EDER operates a small, specialized Baumeister (master builder) business based in Hallein, Austria, offering comprehensive construction planning, execution, management, and consultancy services primarily for private residential, commercial, and industrial clients. The company has an established local presence since 1995 and demonstrates professionalism through certifications and clear contact information. Technically, the website is built on WordPress with Elementor and Yoast SEO, showing good SEO and mobile optimization but suffers from critical security shortcomings due to the absence of a valid SSL certificate and modern TLS protocols. The security posture is weak, lacking essential HTTPS encryption and advanced security headers, which poses risks to user data and trust. Privacy compliance is adequate with a cookie consent mechanism and a privacy policy page, but no incident response or security policy information is provided. Overall, the website is functional and professional but requires urgent security improvements to protect visitors and enhance trust.

C

Comprehensive Nuclear-Test-Ban Treaty Organization

ctbto.org

0

The Comprehensive Nuclear-Test-Ban Treaty Organization (CTBTO) operates as an international governmental entity dedicated to monitoring and enforcing the ban on nuclear tests globally. The organization provides key services including verification regimes, international monitoring systems, data analysis, and on-site inspections, targeting member states, researchers, civil society, and media. The website reflects a professional and authoritative presence consistent with its mission and audience. Technically, the site is built on Drupal 10 with modern frameworks and is hosted behind Cloudflare, leveraging Google Analytics and other monitoring tools. The site is mobile-optimized and well-structured, though performance metrics are unavailable. Security headers are implemented, but a critical issue is the absence of a valid SSL certificate and disabled TLS protocols, which significantly impacts the security posture. Security-wise, while the organization employs good header policies and content security policies, the lack of HTTPS and proper TLS support is a major vulnerability. No incident response or security policy pages were found, and cookie consent mechanisms are missing despite tracking usage. DNS records show malformed CAA entries and no DNSSEC, which could be improved. Overall, the site is trustworthy and professional but requires urgent remediation of SSL/TLS issues and enhancement of privacy compliance mechanisms to improve security and user trust.

S

Sony DADC Europe GmbH

sonydadc.com

0

Sony DADC Europe GmbH operates a professional and comprehensive website presenting itself as a leading end-to-end supply chain and manufacturing service provider primarily serving the entertainment industry. The company offers a broad range of services including micro optics, manufacturing, assembly and packaging, logistics, and global business services. The website is well-structured, professionally designed, and targets B2B clients requiring specialized supply chain solutions. Technically, the site is built on WordPress with common libraries such as jQuery and Swiper.js, and includes SEO optimizations and accessibility features. However, a critical security weakness is the lack of a valid SSL certificate and proper HTTPS configuration, which severely impacts the security posture and user trust. Privacy and cookie policies are comprehensive and GDPR compliant, but no incident response or vulnerability disclosure information is provided. Overall, the site is credible and trustworthy but requires urgent security improvements to protect user data and ensure secure communications.

S

Stieglbrauerei zu Salzburg GmbH

stiegl.at

0

Stiegl Privatbrauerei is Austria's leading private brewery with a rich heritage dating back to 1492. The company offers a broad portfolio of beer specialties, operates an online shop, and provides B2B distribution and technical services. The website reflects a mature digital presence with professional design, comprehensive content, and active marketing integrations. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap that undermines user trust and data protection. The site implements GDPR-compliant privacy and cookie policies with consent mechanisms, indicating good privacy awareness. Overall, the business is well-established and credible, but urgent improvements in security infrastructure are recommended.

A

Addiko Bank AG

addiko.com

0

Addiko Bank AG operates as a regional digital bank serving multiple European countries with a focus on online banking products such as savings accounts and loans. The website reflects a professional and consistent brand presence with clear navigation and relevant content targeting retail and corporate banking customers. Technically, the site is built on WordPress with modern plugins and integrates multiple analytics and marketing tools. However, the security posture is weakened by the absence of a valid SSL certificate and lack of modern TLS protocol support, which is critical for a financial institution. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, while the business and technical aspects are solid, the security deficiencies pose a significant risk that must be remediated promptly.

G

GrECo

greco.services

0

GrECo is a well-established insurance and risk management specialist with a strong presence in Central and Eastern Europe, operating since 1925. The company offers a broad range of services including risk consulting, cyber insurance, health and benefits, and international insurance programs. The website reflects a mature digital presence with professional design, multilingual support, and structured data for SEO. However, the technical infrastructure shows critical security weaknesses, notably the absence of a valid SSL certificate and lack of HTTPS support, which undermines user trust and data security. Privacy policies are present and GDPR compliant, but cookie consent mechanisms are minimal. Overall, the site is content-rich and credible but requires urgent security improvements to align with best practices.

L

Lexogen GmbH

lexogen.com

0

Lexogen GmbH is a specialized biotechnology company based in Vienna, Austria, focused on next generation sequencing (NGS) and transcriptomics solutions. The company offers a comprehensive portfolio of RNA analysis products, including RNA-Seq sample preparation kits, RNA spike-in controls, and bioinformatics data analysis services. Their target audience includes researchers, pharmaceutical companies, and academic institutions seeking innovative RNA sequencing and analysis solutions. Lexogen positions itself as a niche leader with ISO 9001 and ISO 13485 certifications, underscoring its commitment to quality and regulatory compliance. Technically, the website is built on WordPress using Elementor and WooCommerce, hosted on Cloudpit infrastructure. The site integrates modern web technologies such as Google Tag Manager and reCAPTCHA for analytics and security. While the site is mobile optimized and SEO friendly with good content quality and navigation, performance metrics are unavailable. The absence of a valid SSL/TLS certificate is a critical security gap, exposing users to insecure HTTP connections. From a security perspective, the site lacks HTTPS, HSTS, and other essential security headers, resulting in a low security posture score. No explicit security or incident response policies are published. Privacy compliance is strong, with a comprehensive privacy policy and cookie consent mechanism aligned with GDPR requirements. Contact information is detailed and trustworthy, including multiple phone numbers, emails, and physical addresses in Austria and the USA. Overall, Lexogen's website demonstrates strong business credibility and content quality but suffers from a critical security deficiency due to missing HTTPS. Strategic improvements in SSL implementation and security headers are essential to enhance user trust and data protection. The company’s digital maturity is moderate, with opportunities to improve technical infrastructure and security practices to better support its specialized biotech market presence.

M

MIC Datenverarbeitung GmbH

mic-cust.com

0

MIC Datenverarbeitung GmbH operates as a leading global provider of customs and trade compliance cloud software solutions, serving over 1000 customers across more than 55 countries. Their SaaS offerings focus on integrated customs compliance and trade compliance systems, supported by a consistent global service organization. The website reflects a mature digital presence built on TYPO3 CMS, with professional design, clear navigation, and extensive product and service information. However, the absence of a valid SSL certificate and HTTPS support is a critical security shortfall, exposing users to potential risks. Security headers are well implemented, but the lack of TLS and HSTS reduces overall security posture. Privacy compliance is addressed with a cookie consent mechanism and a comprehensive privacy policy, though explicit GDPR compliance indicators could be enhanced. Business credibility is strong, supported by consistent WHOIS data, partner logos, and social media presence. Strategic improvements in SSL deployment and security practices are recommended to elevate trust and compliance.

B

Base-IT GmbH

baseit.at

0

Base-IT GmbH is an Austrian IT service provider specializing in consulting, planning, installation, and maintenance of IT systems, with a strong focus on cybersecurity and managed services for small and medium enterprises (KMU). The company holds recognized ISO/IEC 27001:2022 and ISO/IEC 27701:2019 certifications, underscoring its commitment to information security and data privacy. Their market position is supported by a portfolio of diverse IT services and a visible client base, including references and social media presence. Technically, the website is built on a SilverStripe CMS platform with modern JavaScript libraries such as jQuery, MDBootstrap, Owl Carousel, and Swiper. The hosting appears to be provided by Hetzner. While the site is mobile-optimized and well-structured with good SEO practices, performance data is lacking, and accessibility is basic. The site uses a cookie consent mechanism compliant with GDPR and integrates Google Analytics for performance and user tracking. From a security perspective, the absence of HTTPS and a valid SSL/TLS certificate is a critical vulnerability, severely impacting the overall security posture. Other security best practices such as HSTS, OCSP stapling, and security headers are missing. The company demonstrates good security governance through certifications but lacks visible incident response or vulnerability disclosure policies on the website. Overall, the website is professional and content-rich but requires urgent security improvements to enable HTTPS and enhance security headers. Strategic recommendations include implementing SSL/TLS, publishing incident response policies, and enhancing security controls to improve trust and compliance.

P

pcode

pcode.at

0

pcode is a small Austrian software agency specializing in the development and design of digital products, online shops, and custom software solutions. With approximately 8 years of experience, the company positions itself as a provider of human-centered digital experiences, emphasizing clean code, accessibility, and UX design. Their market presence is supported by client case studies and a professional online presence including social media channels. Technically, the website is built using modern technologies such as React, Nest.js, TypeScript, and Docker, hosted likely on AWS infrastructure, and developed with the Framer platform. However, a critical security weakness is the lack of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the security posture. Other security headers are present but insufficient to compensate for the missing encryption. Privacy compliance is basic, with a privacy policy found but no cookie consent mechanism or GDPR compliance indicators. Contact information is clearly provided via phone, address, and a contact form, enhancing business credibility. Overall, the website is professionally designed and functional but requires urgent security improvements to protect user data and build trust.

The domain fmt.biz is registered to Christof Industries GmbH, an Austrian company with a mature domain age of 23 years. However, the website currently hosts only a default Plesk server placeholder page indicating no active web presence or business content. The technical infrastructure is minimal, running on an nginx server with no valid SSL certificate, resulting in no HTTPS support. Security headers are partially implemented but limited by the lack of HTTPS. There are no privacy, cookie, or terms of service policies, nor any contact information or forms on the site. DNSSEC and CAA records are not enabled, reducing domain security. Overall, the website lacks professional content, security maturity, and privacy compliance, resulting in a low trustworthiness score.

J

Jugend am Werk Steiermark GmbH

jaw.or.at

0

Jugend am Werk Steiermark GmbH is a leading non-profit organization in Austria's Steiermark region, providing a broad range of social services including support for people with disabilities, youth, families, and adults with mental health challenges. Their offerings encompass housing, employment, education, and community integration, positioning them as a key social service provider with a strong regional presence and multiple certifications and awards that underscore their credibility and commitment to quality. The website is built on TYPO3 CMS, hosted on a provider associated with the domain's DNS records, and employs modern web technologies such as Swiper.js and Matomo analytics. While the site is rich in content, well-structured, and accessible, it suffers from a critical security shortfall due to the absence of a valid SSL certificate and lack of HTTPS enforcement, which significantly impacts the security posture score. Privacy and cookie policies are comprehensive and GDPR compliant, with a clear consent mechanism in place. Contact information is prominently displayed and verified, enhancing business credibility. Overall, the site demonstrates strong business and content quality but requires urgent security improvements to protect user data and maintain trust.

KPMG Austria GmbH operates a comprehensive and professionally designed website representing its global network of audit, tax, advisory, and legal services. The website targets clients and potential clients primarily in Austria and German-speaking regions, offering detailed insights into their services, industries, and career opportunities. The technical infrastructure leverages Adobe Experience Manager CMS, modern JavaScript frameworks like Vue.js and React, and integrates marketing and analytics tools such as Adobe Analytics, Demandbase, Gigya, and OneTrust for privacy compliance. Despite a strong content and business presence, the website suffers from critical security shortcomings, notably an invalid SSL certificate and lack of TLS protocol support, which significantly impacts its security posture. Privacy and cookie policies are well implemented with consent mechanisms, aligning with GDPR requirements. Overall, the site demonstrates high professionalism and trustworthiness but requires urgent remediation of its SSL/TLS configuration to ensure secure user interactions.

A

AT&S Austria Technologie & Systemtechnik AG

ats.net

0

AT&S Austria Technologie & Systemtechnik AG is a globally recognized leader in high-end printed circuit boards and IC substrates, serving key industries such as aerospace, automotive, communication, and medical technology. The company demonstrates a strong market position with a comprehensive digital presence, including investor relations, career opportunities, and sustainability initiatives. Technically, the website is built on WordPress with modern tools and plugins, offering good SEO and accessibility, though performance is moderate. Security posture is weakened by the absence of a valid SSL/TLS certificate and disabled TLS protocols, which poses significant risks. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the business is credible and trustworthy, but urgent improvements in SSL/TLS configuration are recommended to enhance security and user trust.

V

Vossen

vossen.com

0

Vossen is a well-established European textile company specializing in high-quality towels, bathrobes, and bath mats, with a strong emphasis on sustainability and color variety. The website is a professionally designed e-commerce platform built on Shopify, featuring comprehensive product offerings, customer reviews, and multilingual support. The technical infrastructure leverages modern web technologies and integrates multiple third-party apps for enhanced functionality. However, the security posture is weakened by the absence of a valid SSL certificate and lack of TLS protocol support, which are critical for secure online transactions and user trust. Privacy compliance is well addressed with visible policies and consent mechanisms. Overall, the site presents a credible and professional business presence but requires urgent security improvements to ensure safe user interactions.

S

Software Daten Service Gesellschaft m.b.H.

sds.at

0

Software Daten Service Gesellschaft m.b.H. (SDS) is a medium-sized Austrian company specializing in software and services for the international financial industry, with additional focus on telecommunications and digital entertainment sectors. The company offers a comprehensive portfolio including securities processing, regulatory reporting, compliance, consulting, managed services, and professional testing. SDS benefits from a strong market position supported by its 50 years of history and affiliation with the Deutsche Telekom Group. The website reflects a professional and consistent brand image targeting financial institutions and related industries globally. Technically, the site is built on WordPress with modern plugins and SEO optimizations, but suffers from critical security shortcomings due to the absence of a valid SSL certificate and lack of HTTPS support. Security headers are present but insufficient to compensate for the missing encryption. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. Contact information is clearly provided, enhancing business credibility. Overall, the site is content-rich and professionally maintained but urgently requires SSL/TLS remediation to improve security posture and trust.

F

feibra GmbH

feibra.at

0

feibra GmbH is a well-established Austrian company specializing in direct marketing and mailing services, including unaddressed and addressed mailings, campaign planning, and geomarketing. The company benefits from over 60 years of experience and is a subsidiary of the Österreichische Post Aktiengesellschaft, positioning it strongly in the Austrian media and marketing sector. The website targets businesses and marketing professionals seeking effective direct marketing solutions across Austria. Technically, the website is built on WordPress with a modern plugin ecosystem and SEO optimization, but lacks a valid SSL certificate, which is a critical security gap. The security posture is basic with some security headers present but no active TLS protocols or certificate transparency compliance. Privacy compliance is good with clear privacy and cookie policies and consent mechanisms in place. Overall, the site is professional and trustworthy but requires urgent improvements in SSL/TLS configuration to enhance security and user trust.

The domain hexa.at currently serves as a simple redirect to an external corporate website (nagarro.com). There is no substantive content on the landing page, no privacy or cookie policies, and no contact information provided. The technical infrastructure is minimal, running on an Apache server without HTTPS enabled, which presents significant security risks. DNS and mail configurations indicate use of Microsoft Outlook protection services, and the domain is registered via a reputable Austrian registrar. However, the lack of SSL/TLS and security headers severely impacts the security posture. Overall, the site functions only as a redirect with no direct business presence or user engagement on this domain.

F

Fusonic GmbH

fusonic.net

0

Fusonic GmbH is a medium-sized technology company based in Austria, specializing in software development and UX design with a strong regional presence in Vorarlberg. The company offers a broad range of digital services including software modernization, MVP development, service and process optimization, digital strategy consulting, data analysis, and artificial intelligence solutions. Their market position is supported by over 100 successful projects and long-term partnerships, targeting a wide audience including various industries. The website content is professionally presented with excellent design, clear navigation, and relevant business information. Technically, the site uses modern frameworks such as Symfony and Angular, and is hosted behind Amazon CloudFront CDN, but suffers from a critical lack of valid SSL/TLS configuration, which severely impacts security posture. Security headers are partially implemented, but the absence of HTTPS and TLS protocols is a major vulnerability. Privacy compliance is good with a comprehensive privacy policy and GDPR adherence, and the use of Matomo analytics reflects privacy-conscious tracking. Overall, the website is trustworthy and professional but requires urgent security improvements to protect user data and maintain credibility.

M

Miba AG

miba.com

0

Miba AG is a large Austrian industrial company specializing in the development and production of critical components for the energy value chain and transportation sectors. Their product portfolio includes sintered parts, sliding bearings, friction linings, power electronics components, coatings, and eMobility solutions. The company maintains a strong global presence with multiple locations and a focus on sustainable and efficient energy applications. Technically, the website is built on TYPO3 CMS and uses modern JavaScript libraries, but suffers from a critical lack of a valid SSL certificate, resulting in no HTTPS support. This significantly impacts the security posture and user trust. The site includes comprehensive corporate information, social media integration, and cookie consent mechanisms, indicating good privacy compliance. However, no explicit security or incident response policies are published. Overall, the website is professional and content-rich but requires urgent security improvements to protect users and business operations.