Security Directory

epunkt GmbH is an established Austrian employment agency specializing in job placement and career coaching services. With a domain age of 22 years and a strong presence in Austria, the company targets job seekers and employers, offering personalized career advice and access to a broad range of job opportunities. The website is professionally designed, content-rich, and provides clear navigation and contact information, supporting a positive user experience and trustworthiness. Technically, the site uses nginx as the server and integrates NewRelic for performance monitoring. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, exposing users to potential risks. Privacy and cookie policies are present and GDPR compliant, with consent mechanisms implemented. Overall, the business is credible and well-positioned in its market, but immediate remediation of security issues is essential.

Austrian Airlines AG operates a comprehensive and professional airline website targeting global travelers seeking flights and related travel services. The site offers extensive booking options, flight management, and loyalty program integration, reflecting a mature digital presence consistent with a major European airline and Lufthansa Group member. The technical infrastructure leverages modern web technologies including Apache server, Adobe Helix, and Maui Design System, with content delivery optimized via Akamai CDN. However, performance metrics indicate slow loading times, suggesting room for optimization. Security posture reveals critical gaps, notably the absence of a valid SSL certificate and disabled TLS protocols, which significantly undermine user trust and data protection. While security headers and content policies are well implemented, the lack of HTTPS is a major concern. Privacy compliance is strong with a comprehensive privacy policy and GDPR adherence, though cookie consent mechanisms are not clearly detected. Overall, the website is highly professional and credible but requires urgent remediation of SSL/TLS issues to ensure secure user interactions and compliance with modern security standards.

KTM AG is a well-established Austrian motorcycle manufacturer with a strong market presence and a focus on transparent communication with investors and the public. The website reflects a professional corporate image with clear navigation and relevant business content. Technically, the site is built on WordPress using the Divi theme and integrates modern marketing and analytics tools such as Google Tag Manager and OneTrust for cookie consent. However, the absence of a valid SSL certificate and HTTPS significantly undermines the site's security posture, exposing visitors to potential risks. No explicit security or incident response policies are published, which could be a concern for stakeholders. Overall, while the business credibility and content quality are good, the technical and security aspects require urgent improvement to meet modern standards.

Waagner Biro is a large, established company specializing in bridge systems, stage systems, steel and glass constructions, and bridge services, primarily targeting industrial and infrastructure sectors. The website acts mainly as a portal linking to specialized subsidiaries, reflecting a segmented business model focused on engineering and manufacturing. Technically, the site is basic with minimal content and limited modern web features. It uses Apache server technology but lacks HTTPS, which is a critical security deficiency. The absence of privacy and cookie policies on the main domain, as well as no contact information, reduces user trust and compliance posture. Security posture is weak due to missing SSL/TLS, lack of security headers, and incomplete DNS/email security configurations. Overall, the site is functional but requires significant improvements in security and privacy compliance to meet modern standards.

Ö

ÖAMTC - Österreichischer Automobil-, Motorrad- und Touring Club

oeamtc.at

0

ÖAMTC is a large, well-established Austrian automobile and touring club serving over 2 million members. The organization provides a wide range of services including roadside assistance, insurance, travel planning, and member benefits. The website reflects a strong brand presence with comprehensive content and multimedia offerings targeting motorists and travelers in Austria. Technically, the site uses modern technologies such as nginx, RequireJS, JW Player, and integrates with multiple third-party services for analytics and advertising. However, a critical security issue is the lack of a valid SSL certificate and absence of HTTPS support, which significantly impacts the security posture. Privacy and cookie policies are comprehensive and GDPR compliant, with a consent management platform in place. Overall, the site is professional and trustworthy but requires urgent remediation of its SSL configuration to ensure secure user interactions.

BMW.at is the official website for BMW Austria, providing comprehensive information on premium vehicles, including electric and hybrid models, leasing and financing options, and after-sales services. The site targets automotive customers in Austria, emphasizing BMW's premium brand positioning and extensive product offerings. The website is built on a robust technical infrastructure leveraging Adobe Experience Manager and Akamai CDN, ensuring a modern and responsive user experience. Despite the advanced infrastructure, the site currently suffers from an invalid SSL certificate, which undermines its security posture. Security headers are partially implemented, but improvements are needed to fully secure user interactions and data. Privacy and cookie policies are well-presented and GDPR compliant, reflecting BMW's commitment to data protection. Overall, the site demonstrates high professionalism and trustworthiness, with strong brand consistency and extensive content relevant to its audience.

E

EV Group (EVG)

evgroup.com

0

EV Group (EVG) is a well-established company specializing in semiconductor manufacturing equipment and process solutions, including wafer bonding, lithography, and metrology. The company targets semiconductor manufacturers and related industries, positioning itself as a leading supplier with a global presence. The website reflects a professional and comprehensive digital presence with multilingual support and detailed product and technology information. Technically, the site is built on TYPO3 CMS and uses modern tools like Cookiebot and Google Tag Manager, but lacks a valid SSL certificate, which is a significant security concern. Security headers are partially implemented, but the absence of HTTPS and TLS protocols severely impacts the security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the website is professional and credible but requires urgent security improvements to protect user data and maintain trust.

F

FH Technikum Wien

technikum-wien.at

0

FH Technikum Wien is Austria's only purely technical university of applied sciences, offering a broad and practice-oriented range of study programs. The institution holds a leading market position in Austria's technical education sector, evidenced by its top ranking in the Industriemagazin and multiple certifications including sustainability and quality management awards. The website reflects a mature digital presence built on modern technologies such as Next.js and React, with good SEO, accessibility, and user experience. However, the absence of a valid SSL certificate is a critical security gap that undermines trust and secure communications. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the institution demonstrates strong business credibility and digital maturity but must urgently address its SSL/TLS configuration to improve security posture.

I

IL – Ingenieurbüro Laabmayr & Partner ZT GesmbH.

laabmayr.at

0

Ingenieurbüro Laabmayr & Partner ZT GesmbH. is a specialized engineering consultancy based in Salzburg, Austria, with a focus on tunnel construction and civil engineering projects. Founded in 1975, the company has established a solid reputation for reliable and punctual project delivery, serving both alpine and urban tunnel projects internationally. Their key services include tunnel construction, comprehensive project services under 'Tunnel Plus', engineering construction, and rock/ground construction. The website reflects a professional business presence with clear service offerings and contact information.

V

voestalpine AG

voestalpine.com

0

voestalpine AG is a globally leading steel and technology group with a strong market position in manufacturing and industrial sectors such as automotive, aerospace, energy, and railway systems. The company operates worldwide with a large enterprise footprint and emphasizes sustainability and innovation through initiatives like the greentec steel program. The website reflects a mature digital presence with multilingual support, comprehensive corporate and investor information, and active social media engagement. Technically, the site uses modern tools including Usercentrics for consent management and JW Player for media, hosted on AWS CloudFront CDN. However, a critical security weakness is the invalid or missing SSL certificate and lack of enabled TLS protocols, which significantly impacts the security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Contact information is clearly provided, though no direct company emails are visible. Overall, the site is professional and trustworthy but requires urgent SSL and TLS remediation to ensure secure user interactions.

M

MED-EL Medical Electronics

medel.com

0

MED-EL Medical Electronics is a mature and globally recognized healthcare company specializing in hearing implants and solutions. Their website provides comprehensive information about cochlear implants, middle ear implants, bone conduction systems, and related accessories, targeting individuals with hearing loss and healthcare professionals. The company maintains a strong market position as a leading hearing implant provider with a large operational scale and a well-established brand since 1996. The website content is professionally curated, with clear navigation and multilingual support, reflecting a high level of digital maturity.

H

Hotel Restaurant Höldrichsmühle

hoeldrichsmuehle.at

0

Hotel Restaurant Höldrichsmühle is a historic hospitality business located in Hinterbrühl, Austria, offering hotel accommodation, restaurant services, seminar facilities, wedding venues, and equestrian activities. The business targets tourists, local visitors, and corporate clients seeking event spaces near Vienna. The website is built on WordPress with modern plugins and SEO optimizations, providing a good user experience and clear navigation. However, the absence of a valid SSL certificate is a critical security flaw that undermines user trust and data protection. The site implements cookie consent mechanisms and displays contact information prominently, but lacks advanced security policies and incident response contacts. Overall, the business appears legitimate and well-established, but the website's security posture requires urgent improvement to meet modern standards.

G

Getzner Werkstoffe GmbH

getzner.com

0

Getzner Werkstoffe GmbH is a well-established company specializing in vibration isolation solutions for the railway, construction, and industrial sectors. With over 50 years of expertise, the company manufactures innovative polyurethane elastomers and elastic modules that reduce noise and vibrations, enhancing product longevity and application suitability. The website reflects a strong market position with comprehensive product and service information targeting construction professionals, urban developers, and industrial clients. Technically, the website employs modern tools such as Google Tag Manager and Matomo Analytics, indicating a mature digital infrastructure. However, the absence of a valid SSL/TLS certificate and minimal security headers represent significant security vulnerabilities. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Security posture is currently weak due to lack of HTTPS and related best practices, exposing users to potential risks. WHOIS data confirms the domain's legitimacy and long-term registration, supporting business credibility. Overall, the website is professional and content-rich but requires urgent security improvements to protect users and enhance trust.

I

iC Consulenten Ziviltechniker GesmbH

ic-group.org

0

iC Consulenten Ziviltechniker GesmbH is a well-established Austrian engineering consultancy firm specializing in integrative solutions across construction, transportation, environment, and energy sectors. With over 22 years of operation and multiple international offices, the company serves clients requiring complex, interdisciplinary project management and engineering expertise. Their website reflects a professional presence with detailed service offerings and a strong partner network. Technically, the site is built on TYPO3 CMS with modern frontend technologies but lacks HTTPS, which is a critical security deficiency. The absence of SSL/TLS exposes visitors to significant risks and undermines trust. Privacy compliance is addressed with a cookie consent mechanism and a privacy policy, though incident response and vulnerability disclosure mechanisms are absent. Business legitimacy is strong, supported by consistent WHOIS data and trust indicators such as certifications and social media presence. Strategic improvements in security posture, especially enabling HTTPS and enhancing security headers, are essential to protect users and improve overall trust.

D

Deisl-Beton Ges.m.b.H.

deisl-beton.at

0

Deisl-Beton Ges.m.b.H. is an Austrian company specializing in the manufacturing and distribution of concrete and related construction materials, including transport concrete, aggregates, dry spray concrete, recycling products, and natural stones. The company also provides logistics services such as fleet management and concrete pumps. The website serves as an informational portal for customers and partners, primarily targeting construction professionals and businesses within Austria. The market position appears regional with a focus on quality and service. Technically, the website is built on WordPress 6.1.7, hosted by Futureweb GmbH, and served via Apache. The site uses standard web technologies including jQuery but lacks modern performance optimizations and mobile responsiveness is basic. The absence of HTTPS and a valid SSL certificate is a significant technical and security deficiency, exposing users to risks. No advanced SEO or accessibility features are evident, and performance metrics are missing. From a security perspective, the site lacks HTTPS, HSTS, OCSP stapling, and security headers, which are critical for protecting user data and ensuring trust. No privacy, cookie, or terms of service policies are present, indicating poor compliance with GDPR and related regulations. Contact information is clearly provided, but no incident response or security policy details are available. The domain registration is consistent and legitimate, registered with a reputable Austrian registrar. Overall, the website presents moderate business credibility but suffers from critical security and privacy shortcomings. Strategic improvements in SSL implementation, security headers, and privacy compliance are urgently recommended to enhance trust and protect users. Technical modernization and performance optimization would also benefit user experience and SEO.

N

NTS

nts.eu

0

NTS is a well-established IT services and solutions provider based in Austria, specializing in network infrastructure, security, data center, collaboration, cloud services, and artificial intelligence platforms. The company targets businesses and organizations seeking comprehensive digital transformation and managed services. Their market position is strong regionally with a broad portfolio of key services and a consistent brand presence. Technically, the website is built on WordPress with modern plugins and tracking tools, but suffers from critical security shortcomings due to the lack of a valid SSL certificate and disabled TLS protocols. Security headers are well implemented, but the absence of HTTPS significantly undermines the security posture. Privacy compliance is robust with clear cookie and privacy policies and consent mechanisms. Overall, the website is professional and content-rich, but the lack of HTTPS is a critical risk that must be addressed immediately.

ams-OSRAM AG is a global leader in innovative light and sensor solutions, offering a broad portfolio including high-performance LEDs, lasers, mixed-signal analog ICs, and sensors tailored for automotive, industrial, medical, and consumer applications. The company positions itself as a technology innovator with a strong focus on quality and customer engagement, supported by comprehensive investor relations and sustainability initiatives. The website reflects a mature digital presence with modern frameworks and a professional design, targeting B2B customers and industry partners worldwide. However, the absence of a valid SSL certificate is a critical security gap that undermines trust and secure communications. Privacy compliance is well addressed with clear policies and consent management mechanisms. Overall, the company demonstrates strong business credibility and digital maturity but must urgently address its SSL/TLS configuration to enhance security posture.

S

STRABAG SE

strabag.com

0

STRABAG SE is a leading European construction and technology company specializing in infrastructure, building construction, and specialized construction sectors. The company emphasizes innovation, sustainability, and quality, positioning itself as a market leader with a comprehensive portfolio of services including road construction, civil engineering, and tunneling. The website content reflects a mature enterprise with a strong focus on ESG principles and investor relations, targeting investors, clients, and partners in the construction and infrastructure sectors. Technically, the website employs standard web technologies such as jQuery and custom JavaScript, hosted on Microsoft Azure with DNS managed via AWS. While the site is content-rich and well-structured with good SEO and mobile optimization, it suffers from critical security shortcomings, notably the absence of a valid SSL/TLS certificate and HTTPS support, which severely impacts its security posture. Security analysis reveals a lack of essential security headers, no DNSSEC or CAA records, and no advanced SSL features like OCSP stapling or session resumption. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism, but incident response and vulnerability disclosure policies are not evident. Overall, STRABAG SE's website demonstrates strong business credibility and content quality but requires urgent security improvements to protect user data and enhance trust. Strategic recommendations include implementing HTTPS, enabling security headers, and adopting DNS security measures to align with best practices.

The website greiner-extrusion.at is currently inaccessible, displaying a 'This store is unavailable' error page with an HTTP 500 status code. The lack of any meaningful content, contact information, or business details severely limits the ability to assess the company's market position or services. The domain is registered through a reputable registrar and uses Google Domains nameservers, but no SSL certificate is installed, and HTTPS is not enabled, which is a critical security deficiency. Performance is extremely poor with a very slow load time and no page content delivered. No privacy or cookie policies are present, indicating non-compliance with GDPR and other privacy regulations. Overall, the site lacks professionalism and trustworthiness in its current state.

HOT Engineering GmbH operates a professional website serving the energy sector, specializing in consultancy, laboratory services, software, and training focused on underground energy storage and oil & gas field development. The company positions itself as a leading provider with a mature domain and a consistent business presence. The technical infrastructure is based on WordPress with common plugins and hosted by Hetzner, but lacks HTTPS, which is a critical security gap. The site includes cookie consent mechanisms and privacy policies compliant with GDPR, reflecting good privacy practices. However, the absence of SSL/TLS encryption significantly impacts the security posture and overall trustworthiness. Strategic improvements in security configuration are essential to protect user data and enhance credibility.

The website stroeck.at currently serves minimal content, consisting solely of a warning message advising users to use HTTPS instead of HTTP for security reasons. There is no visible business information, metadata, or interactive elements such as forms or contact details. The domain is registered through A1 Telekom Austria AG, a reputable registrar and hosting provider in Austria, indicating legitimacy of the domain ownership. However, the lack of SSL/TLS certificate and absence of HTTPS severely undermines the site's security posture. Technically, the website lacks modern security configurations including TLS protocols, security headers, and HSTS. No analytics, advertising, or tracking technologies are detected, suggesting a very basic or placeholder site. Performance data is unavailable due to minimal content. The absence of privacy, cookie, or terms of service policies indicates non-compliance with GDPR and other privacy regulations. From a security perspective, the site is at high risk due to the lack of encryption and security best practices. This exposes visitors to potential interception and undermines trust. The domain registration is consistent and legitimate, but the website itself does not provide sufficient information or security assurances to users. Overall, the site scores very low on content quality, technical implementation, security posture, and privacy compliance. Immediate actions are recommended to implement HTTPS, add security headers, and provide essential business and privacy information to improve trust and compliance.

S

Schrack Seconet AG

schrack-seconet.com

0

Schrack Seconet AG is a well-established international high-tech company based in Austria, specializing in fire protection, healthcare communication systems, and security solutions. The company has a strong market position supported by decades of experience and a broad portfolio of products and services including fire alarm systems, healthcare communication, and lifecycle support. Their website reflects a professional and consistent brand image targeting authorities, specialists, and healthcare providers. Technically, the website is built on TYPO3 CMS, uses Apache server, and integrates modern analytics and cookie consent tools. However, the site suffers from a critical security weakness due to the absence of a valid SSL certificate and disabled TLS protocols, which significantly impacts its security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the website is content-rich, user-friendly, and trustworthy but requires urgent security improvements to protect user data and maintain credibility.

G

Gerot Lannach

gl-pharma.at

0

GL Pharma, operating under the legal name Gerot Lannach, is a medium-sized healthcare company based in Austria specializing in the development, production, and marketing of branded pharmaceuticals and generics. The company targets healthcare professionals including doctors, pharmacists, and wholesalers, positioning itself as a reputable provider in both Austrian and international markets. The website reflects a professional digital presence with multilingual support and structured data enhancing SEO and user experience. However, the absence of a valid SSL certificate and HTTPS implementation represents a critical security gap that undermines user trust and data protection. The site employs common WordPress technologies and integrates cookie consent mechanisms compliant with GDPR, indicating a reasonable level of privacy awareness. Overall, the business demonstrates solid market positioning but requires urgent improvements in security infrastructure to align with best practices.

M

MCI | Die Unternehmerische Hochschule®

mci.edu

0

The Management Center Innsbruck (MCI) is a well-established entrepreneurial university located in Austria, offering a broad range of academic programs including Bachelor, Master, and Executive Education degrees. The institution emphasizes internationality, academic quality, and practical relevance, serving students, professionals, and corporate partners. The website reflects a strong brand presence with comprehensive content, testimonials from notable figures, and active social media engagement. Technically, the site is built on Joomla CMS with modern frontend technologies but suffers from critical security shortcomings, notably the absence of a valid SSL certificate and HTTPS support, which undermines user trust and data security. Security headers are partially implemented, and DNS configurations show some misconfigurations such as malformed CAA records. Privacy compliance is moderate with a clear privacy policy but lacking cookie consent mechanisms. Overall, the site is professional and content-rich but requires urgent security improvements to meet modern standards.

R

Raiffeisen Bausparkasse Gesellschaft m.b.H.

bausparen.at

0

Raiffeisen Bausparkasse Gesellschaft m.b.H. is a well-established Austrian financial services company specializing in building savings contracts and financing solutions for housing and related needs. The company has a strong market presence with over 60 years of experience and offers a range of products including classic building savings, financing for construction, renovation, education, and health care. The website reflects a professional and consistent brand image targeting private individuals seeking secure and reliable financial products. Technically, the site is built on Adobe Experience Manager and uses modern web technologies such as AngularJS and Adobe DTM for analytics and marketing. It is hosted behind Cloudflare, ensuring good performance and security at the network level. However, a critical security issue is the invalid or missing SSL certificate and lack of TLS protocol support, which severely impacts the security posture and user trust. Privacy compliance is well addressed with comprehensive privacy and cookie policies and a consent mechanism in place. Contact information is clearly provided, enhancing business credibility. Overall, the site is functional and professional but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

Pilz GmbH & Co. KG operates an international website focused on providing comprehensive automation technology solutions, emphasizing safety and industrial security. The company targets industrial automation professionals and machine builders, offering components, systems, and services to ensure safe automation worldwide. The website is professionally designed with clear navigation and multilingual support, reflecting a strong market position in manufacturing and technology sectors. Technically, the site uses modern JavaScript frameworks, Google Tag Manager, and Cookiebot for consent management, but suffers from critical SSL/TLS misconfigurations that undermine its security posture. Security headers are well implemented, but the lack of a valid SSL certificate and disabled TLS protocols significantly reduce the site's security score. Privacy compliance is robust, with clear privacy and cookie policies and consent mechanisms in place. Business credibility is high, supported by detailed contact information, social media presence, and consistent branding. Overall, the site is functional and professional but requires urgent remediation of its SSL/TLS issues to improve security and trust.

V

VDEL

vdel.com

0

VDEL is an established software company founded in 1993, specializing in customized software solutions including document and process management, blockchain, big data, and AI. The company operates internationally with subsidiaries in Belgrade and Katowice and serves businesses seeking integrated IT solutions. Their business model includes distribution and multilingual support, leveraging partnerships such as Software United. Technically, the website uses Bitrix CMS with common web technologies and Google Tag Manager for analytics. However, the absence of a valid SSL certificate and lack of privacy and cookie policies indicate significant security and compliance gaps. The security posture is weak due to missing HTTPS and security policies, exposing users to risks. Overall, the website is functional and professional but requires urgent improvements in security and privacy compliance to enhance trust and protect user data.

R

Regionalmedien Austria AG

regionalmedien.at

0

Regionalmedien Austria AG is a leading Austrian regional media company with a broad portfolio of digital and print products, including well-known brands such as MeinBezirk.at and BezirksBlätter. The company focuses on local and regional news coverage, serving communities across all Austrian states. Their business model centers on media publishing and advertising services, positioning themselves as innovation drivers in the regional media market. The website reflects a mature digital presence with professional design, structured data, and comprehensive content tailored to their target audience of regional readers and businesses. Technically, the site is built on WordPress with modern plugins like Yoast SEO and Cookiebot, but lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security shortfall. Security posture is basic with no advanced headers or incident response information. Privacy compliance is good, with clear privacy and cookie policies and consent mechanisms. Overall, the site is trustworthy and professional but requires urgent security improvements to meet modern standards.

S

Stadt Wien – Wiener Wohnen Kundenservice GmbH

wrwks.at

0

Stadt Wien – Wiener Wohnen Kundenservice GmbH is a municipal service provider based in Vienna, Austria, focused on delivering social and sustainable solutions within the city's organizational network. The company has evolved from a small marketing and call service agency into a medium-sized enterprise offering comprehensive construction and communication services. Their ISO 9001:2015 certification underscores their commitment to quality and customer satisfaction. Technically, the website is built on WordPress with modern JavaScript frameworks and plugins, providing good accessibility and SEO optimization. However, the lack of a valid SSL certificate and proper HTTPS configuration significantly undermines the site's security posture. Security headers are partially implemented, but critical TLS protocols and certificate transparency are missing. Privacy compliance is well addressed with a comprehensive privacy and cookie policy, including consent mechanisms. Overall, the business credibility is strong with clear contact information and trust indicators. Strategic improvements in SSL/TLS deployment and security policy transparency are recommended to enhance trust and security.

The United Nations Industrial Development Organization (UNIDO) is a well-established intergovernmental organization focused on promoting industrial development for sustainable economic growth and poverty reduction. The organization operates globally with a strong presence in Austria, where it is headquartered. UNIDO's key services include technical cooperation, policy advice, capacity building, and implementation of industrial development programs. The website represents a critical digital asset for UNIDO's communication and outreach efforts. Technically, the website is hosted behind Cloudflare, which provides security and performance services. However, the current website content is inaccessible due to a Cloudflare security challenge page requiring JavaScript and cookies, preventing full content analysis. The SSL/TLS configuration is critically flawed with no valid certificate detected, disabling HTTPS and exposing the site to security risks. Performance metrics are unavailable due to blocked content, and no modern web frameworks or CMS are identifiable from the limited HTML. From a security perspective, while several security headers are implemented, the lack of HTTPS and invalid SSL certificate significantly degrade the security posture. There is no evidence of privacy policies, cookie consent mechanisms, or incident response contacts on the accessible page. WHOIS data is consistent and trustworthy, showing a mature domain registered to UNIDO with no privacy protection, reinforcing the legitimacy of the domain. Overall, the website currently suffers from critical accessibility and security issues that limit its effectiveness and trustworthiness. Strategic improvements in SSL/TLS deployment, content accessibility, and privacy compliance are essential to enhance the organization's digital presence and security posture.

S

SHT Haustechnik GmbH

sht-gruppe.at

0

SHT Haustechnik GmbH is a leading Austrian wholesaler specializing in sanitary, heating, installation, and electrical products, serving primarily professional installers and industry partners. The company operates a comprehensive digital presence including a WordPress-based website, an online shop (sht.at), and regional offices across Austria, positioning itself as the market leader in the haustechnik sector. The website content is well-structured, professionally designed, and includes customer testimonials and partner logos, reinforcing trust and credibility. Technically, the site uses a modern WordPress stack with PHP 8.1 and React components, but lacks a valid SSL certificate and HTTPS support, which is a critical security deficiency. Privacy compliance is addressed with a cookie consent mechanism and clear privacy and terms of service pages. However, the absence of HTTPS and security headers significantly undermines the security posture. Strategic recommendations include immediate SSL deployment, enabling modern TLS protocols, and enhancing security headers and policies to protect user data and improve trust.

A

AVL List GmbH

avl.com

0

AVL List GmbH is a globally recognized leader in mobility technology, specializing in development, simulation, and testing solutions primarily for the automotive industry. The company offers a broad portfolio of engineering, simulation, and testing services, with a strong emphasis on sustainable and innovative mobility solutions such as hydrogen engines, hybrid powertrains, and fuel cells. Their market position is that of a mature, enterprise-level technology provider with a significant global presence and a history spanning over 28 years. Technically, the website is built on Drupal 10 with modern JavaScript libraries and includes Cookiebot for consent management. However, the site suffers from a critical security shortfall due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts its security posture. Performance is also a concern, with a notably slow page load time and a large page size. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR compliance indicators. Business credibility is strong, supported by detailed corporate information, consistent branding, and multiple trust signals. Overall, while the business and content quality are excellent, the lack of HTTPS and slow performance are key vulnerabilities that should be addressed promptly.

ERGO Versicherung Aktiengesellschaft operates the website das.at, providing legal protection insurance products under the D.A.S. Rechtsschutz brand in Austria. The company is a market leader with a strong reputation, offering services to private individuals, self-employed, and businesses. The website is professionally designed, content-rich, and targets Austrian customers with comprehensive insurance solutions and customer support channels. Technically, the site is built on TYPO3 CMS with modern web technologies and integrates multiple marketing and analytics tools. However, the absence of a valid SSL certificate and HTTPS support significantly weakens the security posture. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. WHOIS data confirms the domain's legitimacy and alignment with the ERGO group. Overall, the website is credible and professional but requires urgent security improvements to protect user data and trust.

H

Heartbeats Innovation & Communication

weareheartbeats.com

0

Heartbeats Innovation & Communication is a small professional service agency based in Vienna, Austria, specializing in responsible business communication and innovation. The company offers services such as impact communication, workshops, mentoring, event design, and content marketing, targeting organizations seeking to create value responsibly. The website is built on the Wix platform, leveraging modern web technologies including React 18 and Wix-specific widgets for video, galleries, and chat. While the site presents professional content and clear contact information, it suffers from a critical security issue due to the absence of a valid SSL certificate and HTTPS support, which significantly undermines user trust and data security. Privacy and cookie policies are present but basic, and no explicit security or incident response policies are found. Overall, the site is functional and moderately optimized but requires urgent security improvements.

W

Wolf Theiss – Leading Lawyers in CEE/SEE

wolftheiss.com

0

Wolf Theiss is a leading law firm specializing in Central, Eastern, and South-Eastern Europe, with over 400 lawyers across 13 countries. The firm offers comprehensive legal services spanning arbitration, banking, capital markets, intellectual property, and more, targeting international clients and businesses operating in the CEE/SEE region. The website reflects a mature, professional organization with strong branding, extensive content, and a focus on accessibility and compliance. Technically, the site is built on WordPress with modern SEO and accessibility plugins, but suffers from a critical security issue due to the absence of a valid SSL certificate and HTTPS support. Security headers are well configured, but the lack of TLS protocols and valid certificates significantly lowers the security posture. Privacy and cookie policies are comprehensive and GDPR compliant, with a consent mechanism in place. Overall, the site is trustworthy and professional but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

Schrack Technik GmbH is a well-established Austrian company founded in 1920, specializing in the distribution and provision of electrical products and solutions across energy technology, building technology, industrial applications, networking, and lighting. The company operates a comprehensive online shop and physical stores, targeting electricians and industrial clients primarily in Austria and Central/Eastern Europe. Their market position is strong, supported by a broad product portfolio and personal customer service. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries and integrates a consent management platform for privacy compliance. However, the security posture is weak due to the absence of a valid SSL certificate and lack of HTTPS support, which is a critical vulnerability. Privacy and cookie policies are well implemented, and the site shows good business credibility with ISO certification and trust marks. Overall, the website is professional and content-rich but requires urgent security improvements.

D

delfortgroup AG

delfortgroup.com

0

delfortgroup AG is a mature, enterprise-level global manufacturer specializing in specialty and functional papers, serving industries such as packaging, tobacco, battery separators, and more. The company emphasizes sustainability and innovation, supported by a comprehensive digital presence including detailed product catalogs, sustainability reports, and career opportunities. Technically, the website is built on a modern WordPress CMS with Elementor and Yoast SEO, leveraging various JavaScript libraries and Google Tag Manager for analytics. However, the absence of a valid SSL certificate and lack of HTTPS enforcement represent critical security weaknesses. Security headers are present but insufficient without proper TLS configuration. The domain is well-established with consistent WHOIS data, supporting business legitimacy. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the website is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

The domain conversations.at is registered and hosted with a reputable Austrian registrar and DNS provider. However, the website itself is effectively empty, serving only a minimal placeholder with no visible content, metadata, or interactive elements. There is no SSL certificate installed, resulting in no HTTPS support despite the presence of a Strict-Transport-Security header, which is misconfigured. No privacy, cookie, or terms of service policies are present, and no contact or business information is available on the site. The technical infrastructure is minimal, relying on Apache server software but lacking modern web technologies or performance optimizations. Security posture is weak due to the absence of HTTPS and other security headers, though no active vulnerabilities or malware indicators were detected. Overall, the site presents a low trust profile and limited business credibility.

O

Ottakringer Getränke AG

ottakringerkonzern.com

0

Ottakringer Getränke AG is a well-established Austrian family-owned beverage group comprising key subsidiaries such as Ottakringer Brauerei, Vöslauer Mineralwasser, and Del Fabro Kolarik. The company focuses on manufacturing and distributing beer, mineral water, and beverage wholesale products, targeting both B2B and B2C markets primarily in Austria and neighboring countries. The website content is professionally presented in German, emphasizing sustainability and quality. Technically, the site is built on Joomla CMS with common web technologies like jQuery and Bootstrap, and it integrates Google Analytics for user tracking. However, the website suffers from a critical security shortfall due to the absence of a valid SSL certificate, resulting in no functional HTTPS, which significantly impacts its security posture. Security headers are partially implemented, and cookie consent mechanisms are in place, indicating reasonable privacy compliance. Overall, the site demonstrates moderate digital maturity but requires urgent improvements in SSL configuration and security practices to enhance trust and protect user data.

R

redmail Logistik & Zustellservice GmbH

redmail.at

0

redmail Logistik & Zustellservice GmbH is an established Austrian media distribution and logistics service provider specializing in the delivery of print advertising such as flyers and brochures. The company operates multiple offices across Austria and offers an online booking platform for print and delivery services. Their market position is supported by recognized certifications and a professional web presence. Technically, the website is built on WordPress with common plugins and modern design elements, but suffers from a critical lack of HTTPS and proper SSL/TLS configuration, exposing users to security risks. Privacy policies and cookie consent mechanisms are in place, reflecting GDPR compliance. Overall, while the business is credible and well-presented, the security posture requires urgent improvement to protect customer data and maintain trust.

G

Gewista

gewista.at

0

Gewista is a leading Austrian media company specializing in Out-of-Home advertising, operating under the majority ownership of global market leader JCDecaux. The company offers a broad portfolio of advertising media including traditional billboards, street furniture, and transport media, with a strong focus on digital innovation and public value initiatives. The website reflects a mature digital presence built on Drupal 10, leveraging modern JavaScript libraries and CDN hosting. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the site's security posture. Additionally, a subdomain takeover vulnerability was identified, posing a risk to brand reputation and security. Privacy and cookie policies are comprehensive and GDPR compliant, supporting good privacy practices. Overall, the site demonstrates good business credibility and content quality but requires urgent security improvements to meet modern standards.

M

MPREIS

mpreis.at

0

MPREIS is a well-established Austrian supermarket chain offering a broad range of grocery and related products both in physical stores and online. The website reflects a mature digital presence with detailed product catalogs, recipe inspirations, and a focus on regional and organic products. The company maintains active social media channels and provides comprehensive privacy and cookie policies with consent management, indicating good privacy awareness. Technically, the site uses modern JavaScript frameworks such as Vue.js and integrates advanced marketing and search tools like Bloomreach and Algolia. However, the absence of a valid SSL certificate and lack of HTTPS support represent significant security shortcomings, exposing users to potential risks. Security headers are partially implemented, but critical TLS protocols and cipher suites are missing, reducing the overall security posture. The domain registration and hosting are consistent with the business claims, registered under A1 Telekom Austria AG, a reputable provider. No WAF or security challenge blocks access, allowing full content analysis. Privacy compliance is strong, but the lack of incident response and security policy pages suggests room for improvement in security governance. Overall, MPREIS demonstrates strong business credibility and digital maturity but must urgently address its SSL/TLS configuration to protect users and enhance trust. Strategic security enhancements and continuous compliance monitoring are recommended to maintain its market position and customer confidence.

F

FHV - Vorarlberg University of Applied Sciences

fhv.at

0

FHV - Vorarlberg University of Applied Sciences is a medium-sized educational institution based in Austria, offering a wide range of Bachelor and Master programs across technical, economic, design, and social-health disciplines. The institution emphasizes applied research and international cooperation, positioning itself as a leading university of applied sciences in the Bodenseeraum region. The website is professionally designed, content-rich, and well-structured, targeting prospective students, researchers, and academic partners. Technically, the site uses modern CMS Pimcore and Vue.js frontend framework, with Google Tag Manager for analytics and Cookiebot for consent management. However, a critical security gap exists as the site lacks a valid SSL certificate and HTTPS support, despite having security headers and HSTS configured. This exposes users to potential risks and undermines trust. Contact information is clearly provided, and privacy policies comply with GDPR standards. Overall, the site demonstrates strong business credibility and digital maturity but requires urgent remediation of its SSL/TLS configuration to improve security posture and user trust.

Ö

Österreichische Lotterien GmbH

lotterien.at

0

Österreichische Lotterien GmbH operates as the official national lottery provider in Austria, offering a wide range of lottery games, including Lotto 6 aus 45, EuroMillionen, and various scratch cards. The website serves as a comprehensive platform for game participation, result checking, and customer engagement, targeting Austrian lottery players and stakeholders. The company holds a strong market position as a government-associated entity with multiple subsidiaries in the gaming sector. Technically, the website is built on TYPO3 CMS and integrates modern analytics and consent management tools, demonstrating a mature digital infrastructure. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the security posture, exposing users to potential risks. Despite this, the site implements several security headers and maintains a responsible disclosure page, reflecting a commitment to security awareness. Overall, the website is professional and content-rich but requires urgent improvements in SSL/TLS configuration to meet modern security standards.

S

sklera KG

sklera.tv

0

Sklera KG operates a technology-focused website likely offering software solutions or digital services, as indicated by the use of Next.js and references to demos and newsletters. The company is based in Austria and has maintained the domain for over 9 years, reflecting a mature business presence. However, the website content is minimal and primarily serves as a contact and demo request portal without detailed business descriptions or extensive content. The technical infrastructure leverages modern frameworks but lacks critical security implementations such as HTTPS, valid SSL certificates, and security headers, which significantly undermine the site's security posture. Additionally, the absence of privacy and cookie policies indicates poor compliance with data protection regulations. Overall, the website presents a basic digital footprint with moderate business credibility but requires urgent security and compliance improvements to enhance trust and protect user data.

F

Frequentis

frequentis.com

0

Frequentis is a well-established company specializing in safety-critical communication and information solutions with over 75 years of market presence. The company serves key sectors including civil aviation, defence, public safety, maritime, and public transportation, positioning itself as a leader with a strong focus on innovation and user-centric design. The website reflects a mature digital presence with comprehensive content, professional design, and clear navigation tailored to government agencies and large organizations. Technically, the site is built on Drupal 10 with modern libraries and integrates multiple marketing and analytics tools. However, the absence of a valid SSL/TLS certificate and HTTPS support is a significant security gap, impacting the overall security posture. Privacy compliance is well addressed with clear cookie consent mechanisms and a comprehensive privacy policy. Overall, the site demonstrates high business credibility but requires urgent security improvements to align with best practices.

V

VIER PFOTEN International – gemeinnützige Privatstiftung

four-paws.org

0

FOUR PAWS International is a globally recognized non-profit animal welfare organization dedicated to protecting animals under human influence. The organization operates multiple country offices and campaigns worldwide, focusing on rescue missions, veterinary care, sterilization of stray animals, and advocacy against animal cruelty. Their website reflects a professional and comprehensive digital presence, targeting animal welfare supporters, donors, and volunteers. Technically, the site is built on the Neos CMS platform using the Flow PHP framework, incorporating modern JavaScript libraries such as Splide.js and Google Tag Manager for analytics and marketing. However, a critical security weakness is the absence of a valid SSL certificate and lack of TLS protocol support, which significantly undermines the site's security posture. Privacy and cookie policies are well implemented and GDPR compliant, enhancing user trust. Overall, the site demonstrates strong business credibility and content quality but requires urgent improvements in SSL/TLS security to protect user data and maintain trust.

G

GEZE GmbH

geze.at

0

GEZE GmbH is a globally recognized family-owned company specializing in manufacturing and providing innovative door, window, and safety technology solutions. The company has a strong market position with over 3,000 employees and 37 subsidiaries worldwide, focusing on digital connectivity and building automation. The website reflects a professional and comprehensive presentation of their products and services, targeting architects, planners, and building operators. Technically, the site uses TYPO3 CMS hosted on AWS CloudFront with modern content delivery but suffers from critical SSL/TLS misconfigurations, impacting security posture. Privacy compliance is well addressed with a clear privacy policy and consent management via Usercentrics. The site offers multiple contact channels and social media presence, enhancing business credibility. However, the invalid SSL certificate and lack of HTTPS protocols represent significant security risks that should be urgently addressed.

B

Bacon & Bold

baconbold.com

0

Bacon & Bold is a medium-sized performance branding and social media marketing agency based in Austria, founded in 2016. The company positions itself as a leading social media agency focused on delivering measurable business success through targeted digital marketing strategies, workshops, and AI-driven applications. Their client portfolio includes notable companies such as Siemens, Wiener Linien, and voestalpine AG, underscoring their market presence and credibility. Technically, the website is built on Webflow CMS, uses modern web fonts, Google Tag Manager, and is hosted via Cloudflare and Azure services. While the site is well-designed, mobile-optimized, and rich in content, it suffers from critical security issues including an invalid SSL certificate and a subdomain takeover vulnerability. Privacy compliance is well addressed with a cookie consent mechanism and a comprehensive privacy policy. Overall, the site demonstrates strong business credibility but requires urgent security improvements to protect user data and maintain trust.

J

Jung von Matt

jvm.at

0

Jung von Matt is a well-established independent global creative agency specializing in marketing communications and branding services. The company targets brands and businesses seeking innovative and culturally impactful marketing solutions. Their website reflects a strong market position with a professional design, consistent branding, and comprehensive content showcasing their key services and projects. The technical infrastructure leverages modern technologies such as Netlify hosting, Contentful CMS, Matomo analytics, and Usercentrics for consent management, indicating a mature digital presence. However, the website currently suffers from an invalid SSL certificate, which undermines the security posture and user trust. While privacy and cookie policies are well implemented and GDPR compliant, the absence of explicit security policies and incident response information suggests room for improvement in security transparency. Overall, the site is professional and trustworthy but should prioritize fixing SSL issues and enhancing security disclosures to improve its risk profile.