Security Directory

I

ICB Engineering GmbH

icb-engineering.at

0

ICB Engineering GmbH is a small Austrian engineering firm specializing in energy and process plant engineering, offering services such as pre-engineering, process design, and project management. The company emphasizes quality and environmental responsibility, holding ISO 9001 and ISO 14001 certifications. Their website is professionally designed using WordPress and common plugins, targeting industrial clients and engineering professionals. However, the absence of HTTPS is a critical security flaw that undermines trust and data protection. The site includes cookie consent mechanisms but lacks explicit privacy policy and incident response disclosures. Overall, the company presents a credible business with moderate digital maturity but requires urgent security improvements.

F

FACC AG

facc.com

0

FACC AG is a mature and leading aerospace company specializing in the design, production, and maintenance of advanced lightweight components and systems for the global aviation industry. The company maintains strong partnerships with major aerospace manufacturers such as Airbus, Boeing, and Embraer, and offers a broad portfolio including aerostructures, engines, nacelles, cabin interiors, and MRO services. The website reflects a professional and well-branded digital presence targeting industry partners, investors, suppliers, and job seekers. Technically, the site is built on WordPress with modern JavaScript frameworks like Vue.js and uses Amazon CloudFront CDN for hosting. However, performance metrics are missing, and the site appears to load slowly. Security posture is a significant concern due to the absence of a valid SSL certificate and lack of TLS protocol support, which critically undermines secure communications. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the site is credible and professional but requires urgent security improvements to protect user data and maintain trust.

A

AVL Cultural Foundation GmbH

avlcf.com

0

AVL Cultural Foundation GmbH is a small, Austria-based cultural foundation dedicated to fostering the intersection of art and science through innovative projects, artistic installations, and interdisciplinary discussions. The organization targets artists, scientists, and cultural enthusiasts, positioning itself as a niche player in the cultural foundation sector. The website is built on Drupal 10 and hosted likely on AWS infrastructure, demonstrating a moderate level of digital maturity with good mobile optimization and accessibility. However, the absence of HTTPS/SSL is a critical security flaw that severely impacts the site's security posture. Privacy and cookie policies are well implemented with a consent mechanism via Cookiebot, reflecting good privacy compliance. Contact information and social media presence are clearly provided, enhancing business credibility. Overall, the site is professional but requires urgent security improvements.

cargo-partner is a midsized logistics and transportation company specializing in integrated supply chain solutions including air, sea, rail, and road freight, as well as warehousing and SCM services. The company targets businesses requiring comprehensive logistics support and operates with a pan-European and global presence. The website reflects a professional business with consistent branding and a clear service offering. Technically, the site is built on TYPO3 CMS with PHP backend and uses modern web technologies including Friendly Captcha and Cookiebot for privacy compliance. However, the absence of a valid SSL certificate and HTTPS support is a critical security weakness, exposing users to potential risks. Security headers are partially implemented but lack a proper Content-Security-Policy. Privacy compliance is supported by a clear privacy policy and cookie consent mechanism. Overall, the website is functional but requires urgent security improvements to protect user data and enhance trust.

B

Bene GmbH

bene.com

0

Bene GmbH is a well-established Austrian manufacturer and international supplier of high-quality office furniture and workspace solutions, with a history dating back to 1790. The company positions itself as a leader in modern office design, combining Austrian quality with innovative and functional products. The website is built on TYPO3 CMS and uses modern web technologies, but lacks a valid SSL certificate, which is a critical security shortfall. The site includes comprehensive content, a contact form with CAPTCHA, and social media integration, but does not implement cookie consent mechanisms or advanced security headers. Overall, the business is credible and well-presented, but the lack of HTTPS significantly impacts the security posture.

B

Baustoffservice

baustoffservice.at

0

Baustoffservice is a small Austrian manufacturing business specializing in patented lightweight concrete products (VULKAN and LAVA). With over 30 years of industry experience, they serve architects, construction firms, and public space planners by providing half-finished concrete parts, furniture, and facade elements. Their website is built on the 1AND1/IONOS platform and uses standard web technologies including jQuery and Mapbox. While the site presents clear contact information and social media presence, it suffers from a critical security issue: the absence of a valid SSL certificate and HTTPS support, which severely impacts trust and security posture. Privacy compliance is basic, with a cookie notification but no detailed privacy or security policies. Overall, the site is functional and professionally designed but requires urgent security improvements.

S

SANOVA®

sanova.at

0

SANOVA Pharma GesmbH is a well-established Austrian healthcare company with over 70 years of history, specializing in brand management, medical systems, and logistics services for the healthcare industry. The company operates primarily in Austria with subsidiaries in the Czech Republic and Switzerland, serving additional markets in Eastern Europe and Asia. Their business model focuses on importing valuable healthcare products, providing specialized logistics services, and supporting healthcare professionals with medical technology solutions. The website reflects a professional and consistent brand presence with comprehensive business information and contact details.

S

Studio F. A. Porsche

studiofaporsche.com

0

Studio F. A. Porsche is a premium design agency originating the Porsche Design brand, offering product, mobility, space, and digital design services to a global clientele. The website presents a professional portfolio with extensive project showcases and clear contact information, targeting premium clients worldwide. Technically, the site runs on WordPress with common plugins and libraries but lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security vulnerability. The site implements cookie consent mechanisms and minimal tracking compliant with GDPR. Security posture is weak due to missing HTTPS and security headers, though no active vulnerabilities were detected. Overall, the site is professional and trustworthy from a business perspective but requires urgent security improvements.

G

Grand Hotel Wien

grandhotelwien.com

0

Grand Hotel Wien is a well-established luxury hospitality business located in Vienna, Austria, with a history dating back to 1870. The website presents a professional image with comprehensive information about its services including luxury accommodations, gourmet dining, spa, and event hosting. The business is positioned as a high-end hotel targeting affluent travelers and tourists seeking premium experiences. Technically, the website uses a mix of modern JavaScript libraries and frameworks such as AngularJS, jQuery, and Foundation CSS, hosted behind Cloudflare CDN. However, the site suffers from a critical security issue due to the absence of a valid SSL certificate and HTTPS configuration, which significantly impacts its security posture. Privacy and cookie policies are present and appear GDPR compliant, and contact information is clearly provided. The domain registration data supports the legitimacy and maturity of the business. Overall, while the business and content quality are strong, the lack of proper SSL/TLS implementation is a major risk that should be addressed immediately.

O

Oberbank AG

oberbank.at

0

Oberbank AG is a well-established regional bank operating primarily in Austria and neighboring countries, offering a broad range of financial services including retail banking, corporate banking, savings, investments, financing, and online/mobile payment solutions. The website reflects a mature digital presence with comprehensive content tailored to private and corporate customers, supported by a modern technology stack based on Liferay and JavaServer Faces. The site demonstrates strong privacy compliance with detailed cookie consent mechanisms and GDPR-aligned privacy policies. However, the security posture is weakened by an invalid or missing SSL certificate and lack of TLS protocol support, which poses significant risks to secure communications. No explicit security or incident response policies are published, indicating room for improvement in transparency and readiness. Overall, the site is professional and trustworthy but requires urgent remediation of SSL issues to ensure secure user interactions.

V

VRVis GmbH

vrvis.at

0

VRVis GmbH is Austria's largest research institution specializing in Visual Computing, integrating Artificial Intelligence and Simulation to address complex data-driven challenges. With 25 years of experience and strong industry collaborations, VRVis offers research, tailored products, and consulting services primarily targeting industrial and scientific audiences. The website is professionally designed, multilingual, and content-rich, reflecting a mature digital presence. Technically, the site runs on TYPO3 CMS with Matomo analytics, demonstrating a modern but self-managed infrastructure. However, the security posture is weak due to the absence of a valid SSL certificate and HTTPS support, exposing users to potential risks. Privacy compliance is minimal, lacking cookie consent mechanisms and explicit GDPR indicators. Overall, VRVis presents a credible and trustworthy business profile but requires urgent improvements in security and privacy practices to align with modern standards.

Austro Control GmbH is the Austrian national air navigation service provider responsible for ensuring aviation safety, air traffic control, and aeronautical information management. The company serves a broad audience including pilots, airlines, airports, and government agencies, positioning itself as a key player in the transportation and government sectors. Their services include air traffic control, pilot licensing, flight weather services, and drone regulation. The website reflects a professional and comprehensive digital presence with strong branding and trust signals such as industry awards and certifications. Technically, the site uses modern web technologies like Bootstrap and jQuery but suffers from critical security shortcomings due to the absence of a valid SSL certificate and lack of TLS protocol support, which undermines secure communications. Privacy compliance is well addressed with clear cookie consent and a comprehensive privacy policy. Overall, the site is trustworthy and authoritative but requires urgent improvements in SSL/TLS security to protect users and maintain credibility.

M

Mubea Carbo Tech GmbH

carbon.at

0

Mubea Carbo Tech GmbH is a medium-sized Austrian company specializing in the design, development, and manufacturing of fiber composite components primarily for the automotive, motorsport, aeronautics, and industrial sectors. As part of the global Mubea Group, it holds a leading market position as a pioneer in lightweight construction technology since its founding in 1993. The company offers full-service solutions from design to series production, targeting automotive manufacturers and other high-tech industries. The website reflects a professional and comprehensive digital presence with multilingual support and detailed business information. Technically, the site is built on WordPress with Elementor and includes modern web technologies, though performance is hampered by the lack of a valid SSL certificate and HTTPS support, which is a critical security concern. Privacy compliance is well addressed with cookie consent mechanisms and a comprehensive privacy policy. However, explicit security policies and incident response information are absent. Overall, the site demonstrates strong business credibility and content quality but requires urgent security improvements to protect user data and enhance trust.

MOTIONDATA VECTOR Gruppe is a well-established Austrian software and IT solutions provider specializing in Dealer Management Systems and related automotive industry services. With over 40 years of experience and a strong presence in the D-A-CH region and other European markets, the company offers a comprehensive portfolio including cloud-based DMS, sales management tools, web portfolios, mobile apps, and IT infrastructure services. The website reflects a mature digital presence with professional design, multilingual support, and clear navigation. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which undermines user trust and data security. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. Social media integration and brand certifications further enhance credibility.

R

Raiffeisen Bank International

rbinternational.com

0

Raiffeisen Bank International AG is a leading business bank headquartered in Austria, serving Austria and Central and Eastern Europe. The website presents comprehensive information about the bank's services, sustainability efforts, investor relations, and career opportunities, targeting investors, corporate clients, institutions, and private customers. The technical infrastructure leverages modern web technologies including Vue.js, Adobe Experience Manager CMS, and Cloudflare hosting, with integrations for analytics and marketing such as Mouseflow, Leadfeeder, and Google Tag Manager. Security headers are well implemented; however, the absence of a valid SSL certificate and disabled TLS protocols represent critical vulnerabilities that undermine the site's security posture. Privacy and cookie policies are present with consent mechanisms, indicating good compliance with GDPR. Overall, the website is professional and trustworthy but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

P

Pinzgau Webdesign

pinzgauwebdesign.at

0

Pinzgau Webdesign is a small, locally focused WordPress web design agency based in Zell am See, Austria, operated by Martin Pletzenauer since 2013. The company offers custom WordPress website development and related services primarily targeting small to medium businesses in the Pinzgau region. The website presents a professional design with clear contact information and client references, supporting its local market position. Technically, the site is built on WordPress using the Salient theme and WPBakery Page Builder, with common plugins such as Contact Form 7. However, the site lacks a valid SSL certificate and proper HTTPS configuration, which is a critical security gap. Security headers are present but cannot compensate for the missing HTTPS, exposing visitors to potential risks. Privacy compliance is addressed with a GDPR-compliant privacy policy and cookie consent mechanism. Overall, the website is functional and professional but requires urgent security improvements to protect user data and enhance trust.

I

Irian Solutions Softwareentwicklungs GmbH

irian.at

0

Irian Solutions Softwareentwicklungs GmbH is a well-established software development company based in Austria, specializing in digital product development using technologies such as Java, Angular, and .NET. The company targets businesses requiring custom software solutions, with a strong market presence evidenced by notable clients in finance, energy, and transportation sectors. Their website reflects a professional and modern digital presence, leveraging the Astro framework and Cloudflare for hosting and CDN services. However, the website's security posture is weakened by the absence of a valid SSL certificate and lack of HTTPS enforcement, which is a critical vulnerability. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the company demonstrates strong business credibility and digital maturity but must urgently address its SSL/TLS configuration to ensure secure communications and maintain trust.

A

Aeroficial Intelligence GmbH

aeroficial.com

0

Aeroficial Intelligence GmbH is a specialized provider of smart air traffic and airport operational insights, leveraging AI-driven analytics to enhance efficiency, safety, and performance for airports, airlines, and air navigation service providers. The company positions itself as a trusted partner for Tier 1 airports and leading airlines worldwide, offering a suite of solutions under the Cockpit Suite brand. The website reflects a professional and consistent brand image with clear messaging targeted at aviation industry stakeholders. Technically, the website is built on WordPress using the Divi theme and several plugins including Google Analytics and GDPR compliance tools. While the site is mobile-optimized and well-structured, performance metrics are not fully available, and some SEO and accessibility features are basic. The hosting provider is linked to the DNS servers world4you.at. Security posture is a significant concern as the website lacks a valid SSL certificate and does not support HTTPS, exposing users to potential risks. No advanced security headers or incident response policies are evident. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms in place. Overall, the website is credible and professional but requires urgent security improvements, especially enabling HTTPS and enhancing security headers, to protect user data and improve trustworthiness. Strategic recommendations include implementing SSL, enhancing security policies, and expanding transparency on incident response and certifications.

Plansee SE is a globally recognized manufacturer specializing in refractory metals such as molybdenum, tungsten, and tantalum, serving high-tech industries including electronics, aerospace, and energy. With a century of experience and multiple production sites worldwide, Plansee positions itself as a leader in high-performance materials and sustainable manufacturing solutions. The website reflects a mature digital presence built on Adobe Experience Manager and Next.js, leveraging Akamai CDN and Google Tag Manager for performance and analytics. However, the current lack of a valid SSL certificate and disabled TLS protocols represent critical security vulnerabilities that undermine user trust and data protection. Despite these issues, the site maintains comprehensive privacy and cookie policies aligned with GDPR, and showcases certifications like EcoVadis Gold and ASML Sustainability Excellence Award, reinforcing its market credibility. Strategic improvements in SSL/TLS deployment and enhanced security configurations are recommended to elevate the overall security posture and user confidence.

E

Erste Digital GmbH

erstegroupit.com

0

Erste Digital GmbH operates as the digital and IT service arm of Erste Group, the largest banking group in Central and Eastern Europe. The company focuses on delivering IT solutions and digital transformation services to support banking operations across the region. The website reflects a professional and consistent brand image aligned with Erste Group, targeting banking customers, IT professionals, and potential employees. Technically, the site uses modern frameworks and CDNs but suffers from a critical lack of SSL/TLS configuration, which severely impacts its security posture. Privacy and cookie policies are well implemented, indicating GDPR compliance. Overall, the site is functional and professional but requires urgent security improvements to protect user data and maintain trust.

Julius Meinl am Graben is a historic gourmet food retailer based in Austria, specializing in fine foods and delicatessen products with a legacy dating back to 1862. The website meinlamgraben.at serves primarily as a redirect to the main domain meinlamgraben.eu, indicating a consolidated online presence. The business targets consumers interested in high-quality culinary specialties and operates within the retail sector. Technically, the site is built on TYPO3 CMS and hosted on Microsoft IIS, but the current domain lacks a valid SSL certificate and proper HTTPS configuration, which significantly impacts security and user trust. Security headers are present, but the absence of HTTPS and modern TLS protocols is a critical vulnerability. Privacy and cookie policies are not found on this domain, and no contact forms or detailed business contact information are provided here, limiting direct user engagement. Overall, the site exhibits basic content quality and technical implementation but requires urgent security improvements to meet modern standards.

F

FLIGHTKEYS GmbH

flightkeys.com

0

FLIGHTKEYS GmbH is an Austrian-based company specializing in advanced flight planning and trajectory optimization solutions for the aviation industry. Founded in 2015, the company offers a sophisticated 5D flight management system designed to optimize airline operations cost-effectively while integrating environmental sustainability and real-time flight dynamics. Their market position is that of a niche technology innovator serving airlines and aviation stakeholders globally. The website presents detailed product information and company background, targeting aviation professionals and potential customers. Technically, the website uses a traditional web stack including nginx, jQuery, and slick carousel, with a responsive design suitable for mobile devices. However, the site lacks HTTPS support and a valid SSL certificate, which is a critical security deficiency. Security headers are partially implemented but insufficient without encryption. No analytics or tracking services are detected, indicating minimal user tracking. From a security perspective, the absence of HTTPS and privacy policies significantly lowers the site's security posture and privacy compliance. The site does not provide terms of service, security policies, or incident response contacts, which are important for trust and compliance. The WHOIS data is consistent and indicates a mature, legitimate domain registration aligned with the company's Austrian base. Overall, while the business and content quality are good, the lack of HTTPS and privacy compliance are critical issues that must be addressed to improve trustworthiness and security. Strategic improvements in security infrastructure and privacy transparency are recommended to align with industry best practices.

J

Johannes Kepler Universität Linz

jku.at

0

Johannes Kepler Universität Linz operates as a large public university in Austria, offering a wide range of academic programs including Bachelor, Master, Diplom, and doctoral studies. The institution serves students, researchers, and alumni with comprehensive educational and research services, supported by a well-structured and professionally designed website. The university maintains a strong market position as the largest university in Upper Austria with extensive campus services and international programs. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries and integrates analytics and marketing tools such as Google Tag Manager and Matomo. However, the absence of a valid SSL/TLS certificate is a critical security gap, exposing users to risks and lowering the overall security posture. Privacy and cookie policies are well implemented with explicit consent mechanisms, reflecting good GDPR compliance. Overall, the website is trustworthy and professional but requires urgent security improvements to enable HTTPS and strengthen its security framework.

A

A&N GesbR

an-gesbr.com

0

A&N GesbR is a small partnership business based in Linz, Austria, represented by Philipp Asanger and Manuel Nobis. The website serves primarily as an informational portal with links to partner sites and basic company details including a physical address and VAT number. The business appears to operate in a retail or tools-related sector, though no explicit service descriptions are provided. Technically, the website is built on WordPress using Elementor and common web technologies such as jQuery and Bootstrap. However, the site lacks HTTPS, which is a critical security deficiency. No privacy or cookie policies are present, and no contact emails or phone numbers are provided, limiting user engagement and compliance with data protection regulations. The overall security posture is weak, with no advanced security headers or protections implemented. Performance data is missing, but the site likely suffers from slow loading due to lack of optimization. The domain registration data aligns well with the website content and business location, indicating legitimacy. Strategic improvements in security, privacy compliance, and contact transparency are recommended to enhance trust and professionalism.

A

Allianz Elementar Versicherungs AG

allianz.at

0

Allianz Elementar Versicherungs AG operates a comprehensive insurance website targeting private customers in Austria, offering a wide range of insurance and financial products including vehicle, health, accident, and life insurance. The website demonstrates strong market positioning with extensive content, professional design, and consistent branding. Technically, the site is built on Adobe Experience Manager, leveraging Cloudflare for hosting and CDN services, and integrates modern marketing and analytics tools such as Adobe Analytics and OneTrust for GDPR compliance. However, a critical security issue is the absence of a valid SSL certificate and HTTPS support, significantly impacting the security posture. Privacy policies and cookie consent mechanisms are well implemented, reflecting good GDPR compliance. Overall, the site is trustworthy and professional but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

E

Erste Asset Management

erste-am.com

0

Erste Asset Management operates as an international asset management company serving both institutional and private investors, primarily based in Austria. The website presents a professional and well-structured digital presence targeting these investor groups with clear navigation and relevant content. Technically, the site leverages a modular GEM framework hosted on AWS CloudFront CDN, ensuring scalability and modern web practices. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the security posture, despite the presence of several security headers and a strict DMARC policy. Privacy compliance is well addressed with clear privacy and cookie policies, and GDPR adherence is evident. Overall, while the business credibility and content quality are strong, the critical lack of HTTPS is a major risk that needs immediate remediation.

Ö

Österreichische Gesundheitskasse

sgkk.at

0

The Österreichische Gesundheitskasse (ÖGK) operates as a major public healthcare insurance provider in Austria, offering a broad range of health-related services to insured individuals, employers, and partners. The website serves as an information and service portal, providing access to appointment scheduling, customer service, health information, and career opportunities. The target audience primarily includes Austrian residents and healthcare stakeholders. The organization holds a strong market position as a government-affiliated entity with consistent branding and trust indicators such as official social media presence and comprehensive privacy policies. Technically, the website is built on a custom CMS likely based on Gentics Content Server, utilizing Jakarta Faces (JSF) framework and jQuery 3.6.0. It integrates Piwik PRO for analytics and employs a detailed Content Security Policy. However, the site currently lacks a valid SSL certificate and does not support HTTPS, which significantly impacts its security posture. Performance data is limited but suggests slower load times. Accessibility and SEO optimizations are well implemented. From a security perspective, the absence of HTTPS and modern TLS protocols is a critical vulnerability. While security headers like CSP and HSTS are present, the lack of a valid certificate and secure transport reduces overall security. No explicit incident response or vulnerability disclosure mechanisms are found. Privacy compliance is strong, with clear cookie consent and privacy policies aligned with GDPR. Overall, the website is professional and trustworthy in content and business credibility but requires urgent improvements in SSL/TLS implementation to enhance security and user trust. Strategic recommendations include immediate SSL certificate deployment, enabling modern TLS protocols, and enhancing security header configurations to protect user data and comply with best practices.

U

United Nations Office on Drugs and Crime

unodc.org

0

The United Nations Office on Drugs and Crime (UNODC) operates as a key intergovernmental agency focused on combating illicit drugs, crime, corruption, and terrorism globally. It provides extensive research, policy guidance, and technical assistance to member states and partners, positioning itself as a leading authority in its domain. The website reflects a mature, well-branded digital presence with comprehensive content and multi-language support targeting governments, NGOs, researchers, and the public. Technically, the site uses a modern tech stack including Apache, AngularJS, Bootstrap, and Google Tag Manager, hosted on UN Vienna infrastructure. While the site is moderately performant and mobile-optimized, it lacks a valid SSL certificate and modern TLS support, which critically undermines its security posture. Security headers are well implemented, but the absence of HTTPS and session security features are significant vulnerabilities. From a security perspective, the site demonstrates good header policies but fails to provide encrypted transport, OCSP stapling, or session resumption. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism despite tracking scripts. Business credibility is high given the official UN affiliation and consistent WHOIS data. Overall, the site is authoritative and professional but requires urgent security improvements, especially SSL deployment, to ensure trust and compliance. Strategic recommendations include obtaining valid HTTPS certificates, enabling modern TLS protocols, implementing cookie consent, and enhancing incident response visibility.

N

NOVOMATIC AG

novomatic.com

0

NOVOMATIC AG is a leading global gaming technology company headquartered in Austria, founded in 1980. It operates as a full-service provider in the gaming industry, offering a broad portfolio including gaming cabinets, games, platforms, and additional products. The company has a strong market position as one of the largest gaming technology corporations worldwide and the clear market leader in Europe. The website reflects a professional corporate presence targeting industry partners, casino operators, and job seekers, with comprehensive contact information and multilingual support. Technically, the website is built on Drupal 10 CMS and leverages modern JavaScript libraries and analytics tools such as Matomo. It is hosted behind Sucuri Cloudproxy WAF, ensuring some level of protection. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap that significantly lowers the security posture. The site implements security headers and content security policies but must urgently address SSL/TLS configuration to protect user data and maintain trust. Privacy compliance is well addressed with GDPR-compliant privacy and cookie policies, including a consent mechanism. The company demonstrates business credibility through detailed contact information, licensing by the UK Gambling Commission, and consistent WHOIS data. Overall, the site is content-rich, professionally designed, and trustworthy but requires immediate security improvements regarding SSL/TLS. Strategic recommendations include obtaining and properly configuring SSL certificates, enabling modern TLS protocols, enhancing OCSP stapling and session resumption, and maintaining strong security header policies. These steps will improve security, user trust, and compliance with industry standards.

S

Sockbird Enterprise OG

snipcard.eu

0

snipcard.eu is a niche marketing and advertising platform focused on providing physical collectible advertising cards (snipcards) displayed in partner locations primarily in Vienna and Graz, Austria. The business targets small enterprises, startups, NGOs, and cultural institutions, offering an affordable and innovative offline marketing solution integrated with inbound marketing principles. The company operates a franchise model and an online shop to facilitate sales and expansion. Technically, the website is built on WordPress using the Enfold theme and Avia framework, with common marketing and analytics tools such as Yoast SEO, Google Analytics, Jetpack, and StatCounter. However, the site lacks HTTPS, which is a critical security shortfall. The content is well-structured, SEO-optimized, and includes comprehensive FAQs and social media integration, but no direct contact emails or phone numbers are visible on the homepage. Privacy and cookie policies are present and GDPR compliant, but no terms of service or security policies are found. The domain registration data is consistent with the business claims, indicating legitimacy. Overall, the site demonstrates moderate digital maturity but requires urgent security improvements.

F

Fischer Sports

fischersports.com

0

Fischer Sports is a well-established Austrian manufacturer and retailer specializing in premium alpine and nordic ski equipment as well as hockey sticks. The company has a strong market presence with a comprehensive product range targeting both professional athletes and recreational users. Their website demonstrates a high level of digital maturity, utilizing modern frameworks such as Nuxt.js and Shopware CMS, supported by Cloudflare for hosting and security. Despite the rich content and professional design, the absence of a valid SSL certificate and lack of HTTPS support represent significant security concerns. The site includes comprehensive privacy and cookie policies with consent mechanisms, reflecting good privacy compliance. However, direct contact information such as company emails or phone numbers is not prominently available, relying mainly on contact forms. Overall, the business appears legitimate and trustworthy, but urgent improvements in security infrastructure are recommended.

P

Projekt Kraft

projektkraft.at

0

Projekt Kraft is a European general contractor and project management company specializing in retail, hospitality, office, and e-mobility sectors. They provide comprehensive services including planning, design, construction, and facility management with a multilingual team and multiple office locations in Austria, Germany, and Italy. The website is professionally designed with rich content and clear navigation, targeting B2B clients seeking turnkey project solutions. Technically, the site runs on WordPress with modern plugins and tracking tools but suffers from a critical security issue due to the lack of a valid SSL certificate, impacting its security posture significantly. Privacy compliance is well addressed with clear cookie and privacy policies and consent mechanisms. Overall, the business demonstrates strong credibility and market presence but should urgently address SSL and TLS configuration to improve security and trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

D

Deutsche Handelskammer in Österreich (DHK)

dhk.at

0

The Deutsche Handelskammer in Österreich (DHK) is a well-established organization dedicated to fostering bilateral economic relations between Germany and Austria. The website presents a professional and comprehensive overview of their services, including business partner mediation, legal and tax consulting, environmental compliance, and event networking. Their market position is strong within the German-Austrian economic cooperation sector, supported by reputable partners and government affiliations. Technically, the site uses modern CMS and caching technologies, ensuring good user experience and accessibility. However, a critical security gap exists due to the absence of HTTPS, exposing users to potential risks. Privacy policies and cookie consent mechanisms are in place, reflecting GDPR compliance. Overall, the site is credible and professionally maintained but urgently requires SSL implementation to improve security posture.

N

Netural GmbH

netural.com

0

Netural GmbH is a mature and reputable digital services provider based in Austria, specializing in digital transformation, web and mobile app development, augmented reality, and eCommerce solutions primarily for B2B clients. The company has a strong market position supported by multiple industry awards and a professional online presence. Technically, the website uses modern web technologies and a CMS (Storyblok), with content optimized for mobile and SEO. However, the absence of a valid SSL certificate and HTTPS severely impacts the security posture, exposing users to risks. Privacy policies and cookie consent mechanisms are well implemented, indicating good GDPR compliance. Overall, the business credibility is high, but urgent security improvements are needed to protect data and enhance trust.

S

STYRIA MEDIA GROUP

styria.com

0

STYRIA MEDIA GROUP is a large, established media company operating multiple brands primarily in Austria. The website serves as a digital presence for the group, showcasing its various media brands and services. The technical infrastructure includes a modern JavaScript framework (Vue.js) and uses Matomo for analytics, indicating a moderate level of digital maturity. However, the website lacks a valid SSL/TLS certificate, resulting in no HTTPS support, which is a significant security concern. The presence of a Content Security Policy in report-only mode and strict transport security headers shows some security awareness but incomplete implementation. Privacy compliance is well addressed with GDPR-compliant policies and consent management tools. Overall, the website is functional but requires urgent security improvements to protect user data and enhance trust.

V

Venionaire Capital

venionaire.com

0

Venionaire Capital is a medium-sized, globally active investment and advisory firm specializing in Private Equity and Venture Capital. The company offers a broad range of services including fund management, corporate finance, M&A, restructuring, and research products. It targets investors, entrepreneurs, and corporates, positioning itself as an entrepreneurial partner with a strong global footprint and multiple co-founded initiatives enhancing the investment ecosystem. The website content is professionally presented with clear navigation and rich service descriptions, reflecting a mature business model and market presence. Technically, the website is built on WordPress using the Enfold theme and integrates common technologies such as jQuery, Yoast SEO, and Google Analytics. However, the site suffers from critical security shortcomings, notably the absence of HTTPS and a valid SSL certificate, which severely impacts its security posture. Performance is slow, and while mobile optimization and SEO are good, accessibility is basic. Cookie consent mechanisms are present, but no explicit security or incident response policies are published. Security-wise, the lack of HTTPS and modern TLS protocols is a major vulnerability, exposing users to data interception risks. No advanced security headers or certificate transparency measures are implemented. The WHOIS data is consistent with the business claims, showing no suspicious patterns. Overall, the site demonstrates good business credibility but requires urgent security improvements to protect user data and enhance trust. Strategically, Venionaire Capital should prioritize obtaining and configuring a valid SSL certificate, enabling HTTPS, and implementing modern security headers and protocols. Enhancing privacy and incident response disclosures would also improve compliance and user confidence. These steps will strengthen the company's digital maturity and reduce risk exposure.

The website for parkhyattvienna.com represents a luxury hospitality business under the Hyatt Hotels Corporation umbrella, targeting affluent travelers seeking premium accommodation and services in Vienna, Austria. However, the website content is extremely minimal, lacking essential information such as privacy policies, contact details, and business descriptions. The technical infrastructure shows use of JavaScript and hosting via Amazon CloudFront, but no modern CMS or frameworks are detected. Performance and SEO optimization are poor due to the lack of content and metadata. From a security perspective, the site lacks a valid SSL/TLS certificate, resulting in no HTTPS support, which is a critical vulnerability for any modern website, especially in hospitality where customer trust is paramount. Security headers are minimal, and no advanced security practices are implemented. There is no evidence of GDPR compliance or cookie consent mechanisms, which could expose the business to regulatory risks. Overall, the website presents a high risk due to its poor security posture, lack of compliance documentation, and minimal content quality. Strategic improvements are necessary to enhance trust, security, and user experience to align with the expectations of a luxury hospitality brand.

C

Casinos Austria AG

casinos.at

0

Casinos Austria AG operates a comprehensive network of casinos across Austria, providing a wide range of gaming options including poker, slot machines, and table games, complemented by hospitality services such as restaurants and event locations. The website serves as the official digital presence, targeting casino visitors and players with detailed information on locations, events, membership benefits, and promotional packages. The company holds a strong market position as a leading casino operator in Austria, supported by consistent branding and trust indicators such as recognized certifications and responsible gaming initiatives. Technically, the website is built on TYPO3 CMS and employs modern web technologies including JavaScript and SVG graphics. It integrates multiple analytics and marketing tools with user consent mechanisms, ensuring good digital maturity. The site is mobile-optimized and accessible, with good SEO practices and clear navigation enhancing user experience. From a security perspective, while the site implements several important security headers and content security policies, it currently lacks a valid SSL certificate and does not support modern TLS protocols, significantly weakening its security posture. This exposes the site to risks related to unencrypted traffic and potential interception. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. The presence of a responsible disclosure page indicates a proactive approach to vulnerability management. Overall, the site is professional and trustworthy but requires urgent improvements in SSL/TLS configuration to secure user data and maintain trust. Strategic recommendations include obtaining a valid SSL certificate, enabling TLS 1.2 or higher, and fully activating HSTS. These steps will enhance security, compliance, and user confidence, supporting the company’s strong market presence and digital strategy.

The website dieangewandte.at represents the Universität für angewandte Kunst Wien, a large educational institution specializing in applied arts. The site offers comprehensive information about academic programs, research, exhibitions, and cultural events targeting students, researchers, and the arts community. The business model is centered on education and cultural dissemination, positioning the university as a key player in Austria's higher education sector for arts. Technically, the site uses a custom CMS with Apache hosting, integrates Matomo analytics, Google Fonts, and jQuery-based UI components. However, the site lacks HTTPS, which is a critical security deficiency. Security posture is weak due to missing SSL/TLS, lack of security headers, and no incident response or vulnerability disclosure policies. Privacy compliance is minimal with no cookie consent mechanism, though Matomo usage suggests some privacy awareness. Overall, the site is professionally designed and content-rich but requires urgent security upgrades to protect users and data.

U

UNIGRUPPE

pfeiffer.at

0

The website pfeiffer.at currently serves as a placeholder page indicating that a new website is under construction for the company UNIGRUPPE. The site provides minimal business information, with no detailed description of services or market positioning. The technical infrastructure is based on WordPress with jQuery and Open Sans fonts, but suffers from very slow load times and lacks HTTPS encryption, which significantly impacts security and user trust. No privacy, cookie, or terms of service policies are present, and no contact information is provided, limiting user engagement and compliance with data protection regulations. The WHOIS data is consistent and shows the domain is registered with a reputable registrar, domainfactory GmbH, with no privacy protection, indicating transparency in ownership. Overall, the website is in an early stage of development and requires significant improvements in content, security, and compliance to meet professional standards.

R

REWE Group in Österreich

rewe-group.at

0

REWE Group in Österreich is a major retail group operating multiple supermarket and retail brands across Austria and several European countries. The company has a long-standing history of over 70 years and manages well-known brands such as BILLA, PENNY, and BIPA. The website presents comprehensive corporate and sustainability information targeting customers and stakeholders in Austria and Europe. Technically, the site uses modern frontend technologies like Alpine.js and FontAwesome and is likely powered by the Statamic CMS. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security shortfall. Security headers are partially implemented, but the absence of TLS protocols and valid certificates significantly reduces the security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Business credibility is high due to consistent branding, detailed corporate information, and alignment with WHOIS data. Overall, the site is professional and content-rich but requires urgent security improvements to enable HTTPS and strengthen its security configuration.

C

Center for Technology & Society

cts.wien

0

The Center for Technology & Society (CTS) is an inter-university and interdisciplinary cooperation platform based in Vienna, Austria, involving prominent academic institutions such as TU Wien, FH Campus Wien, FH Technikum Wien, and Universität Wien. It focuses on research, teaching, and societal engagement addressing technological and social challenges like climate change and digital transformation. The platform supports researchers, students, and societal stakeholders through networking, coordination, and participatory approaches. Technically, the website is built using the Hugo static site generator and leverages multiple JavaScript libraries including jQuery, Bootstrap, and Leaflet for interactive maps. However, the site suffers from a lack of HTTPS security, with no valid SSL certificate and no modern TLS protocols enabled, which significantly impacts its security posture. The site also lacks privacy and cookie policies, which affects compliance with data protection regulations. Performance is slow with a high load time and large page size, though mobile responsiveness and navigation are well implemented. Overall, the site presents a professional academic presence but requires urgent improvements in security and privacy compliance to enhance trust and protect users.

T

Technische Universität Wien

tuwien.at

0

Technische Universität Wien (TU Wien) is a leading technical university in Austria, providing comprehensive education, research, and cooperation services primarily in the technology and engineering sectors. The website reflects a mature digital presence with a professional design, clear navigation, and strong accessibility and privacy compliance measures. However, the security posture is weakened by the absence of a valid SSL/TLS certificate and lack of modern TLS protocol support, which poses significant risks to user data confidentiality and trust. The university employs TYPO3 CMS and integrates multiple analytics and marketing tools, demonstrating a high level of digital maturity but with room for security improvements. Overall, the website is content-rich and trustworthy but requires urgent remediation of its SSL configuration to meet modern security standards.

All Channels Communication Austria GmbH is a medium-sized marketing and communication agency operating primarily in Austria and the CEE region. The company offers a comprehensive range of services including campaign management, brand management, PR, digital strategies, and social media marketing. Positioned as one of the fastest growing and most awarded agencies in its region, it targets businesses seeking integrated multi-channel marketing solutions. The website content is well-structured and professionally presented in German, with clear navigation and mobile optimization. Technically, the site uses a modern tech stack including Bootstrap, jQuery, and Google Analytics, but suffers from a lack of a valid SSL certificate, impacting security and trust. Security posture is basic with no advanced headers or policies implemented, and privacy compliance is minimal with only a basic disclaimer modal and cookie consent banner. Contact information is clearly provided including phone, email, physical address, and a contact form. Overall, the website is functional and professional but requires significant improvements in security and privacy compliance to meet modern standards.

K

KTHE | Team Farner

kthe.at

0

KTHE | Team Farner is a medium-sized Austrian communications company offering a comprehensive range of communication services including brand design, campaigns, PR concepts, and platforms. They position themselves as a leading provider in the Austrian market with a strong emphasis on creativity and international outlook. The website is built on WordPress with a modern tech stack including jQuery, Bootstrap, and Yoast SEO, but suffers from slow performance and basic accessibility. Security posture is weak due to the absence of a valid SSL certificate and HTTPS, lack of security headers, and missing DNS security features. Privacy compliance is basic with a privacy policy and cookie notice present but no advanced GDPR indicators. Business credibility is moderate with clear contact information and social media presence but lacks certifications or detailed policies. Overall, the site is functional and professional but requires urgent security improvements.

S

Skills

skills.at

0

Skills is a well-established Austrian public relations and communication consultancy agency founded in 1984. The company specializes in full-service PR and communication consulting, focusing on sensitive and complex topics. It serves a broad business audience seeking expert communication services, supported by a strong network and quality certifications. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the site is built on WordPress with common frameworks like Bootstrap and uses jQuery and Yoast SEO for enhanced functionality and SEO. However, the site suffers from a critical security issue due to the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts its security posture. Privacy compliance is partially addressed with a privacy policy and DMARC/SPF email protections, but lacks a cookie consent mechanism. Overall, the site is functional and credible but requires urgent security improvements to protect user data and enhance trust.

M

MASSGESCHNEIDERT KOMMUNIKATIONSBÜRO GMBH

massgeschneidert.at

0

MASSGESCHNEIDERT KOMMUNIKATIONSBÜRO GMBH is a Vienna-based communications agency specializing in public relations, media, creative concepts, content, strategy, 360 communications, and partnerships. With approximately 10 years of experience, the company targets projects and brands seeking tailored communication strategies. The website reflects a professional branding approach with consistent messaging and a focus on creative communications services. Technically, the site is built on WordPress using the BeTheme theme and common plugins, but suffers from slow performance and lacks modern security configurations such as HTTPS. Security posture is weak due to the absence of a valid SSL certificate, missing security headers, and no cookie consent mechanism, which poses risks to user data protection and trust. Overall, the site is functional and informative but requires significant improvements in security and privacy compliance to meet modern standards.

A

A1 Telekom Austria Group

telekom.at

0

A1 Telekom Austria Group is a leading telecommunications provider in Austria, offering a comprehensive range of services including mobile telephony, fixed internet, TV streaming, and digital security products. The website reflects a mature digital presence with a strong focus on residential customers, youth, and families, supported by loyalty programs and customer apps. Technically, the site is built on the Liferay CMS platform, utilizing modern JavaScript libraries and frameworks, and integrates cookie consent management via OneTrust and analytics through Google Tag Manager. Security posture is robust with HTTPS enforced, strong TLS configurations, and appropriate security headers, although improvements such as enabling HSTS and OCSP stapling could enhance security further. Privacy compliance is well addressed with clear privacy and cookie policies, and GDPR adherence is evident. Overall, the website demonstrates high professionalism, excellent user experience, and trustworthy business practices.

V

Verein für Konsumenteninformation (VKI)

europakonsument.at

0

Europakonsument.at is the official website of the European Consumer Centre Austria, operated by the Verein für Konsumenteninformation (VKI). It provides free advice and assistance to consumers facing cross-border issues within the EU, UK, Norway, and Iceland. The site offers complaint forms, consumer rights information, and updates on relevant topics such as travel, online shopping, and warnings. The organization is government-backed and co-funded by the EU, positioning it as a trusted non-profit consumer advocacy entity in Austria. Technically, the site is built on Drupal CMS, hosted on AWS infrastructure, and uses Matomo for analytics. While the site is content-rich and well-structured with good mobile optimization and accessibility, it suffers from a lack of a valid SSL certificate, resulting in a basic security posture. Privacy compliance is strong with a clear cookie consent mechanism and GDPR-aligned privacy policy. Overall, the site is professional and trustworthy but requires urgent improvements in SSL and security headers to enhance user trust and security.