Security Directory

C

CRIF Österreich

crif.at

0

CRIF Österreich operates as a leading provider of credit and risk management solutions, serving both businesses and private individuals primarily in Austria but also internationally. The company offers a broad portfolio including creditworthiness assessments, compliance, ESG risk management, identity management, and marketing services. The website reflects a mature enterprise with consistent branding and comprehensive content tailored to its target audience. Technically, the site uses modern JavaScript libraries and frameworks such as jQuery, Bootstrap, and Swiper.js, alongside Matomo analytics and Usercentrics for consent management. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, severely impacting the security posture. Privacy and cookie policies are well implemented, indicating good GDPR compliance. Overall, the site is professional and trustworthy but requires urgent security improvements.

The website allianz.co.uk is currently inaccessible due to a Cloudflare security challenge page that requires JavaScript and cookies to proceed. This prevents access to any substantive content, including business descriptions, contact information, or policy documents. The domain is mature, registered since 1999, and associated with a reputable registrar, indicating legitimacy. However, the lack of a valid SSL certificate and HTTPS support is a critical security flaw. The presence of multiple security headers is positive but overshadowed by the SSL misconfiguration. Overall, the site’s digital maturity and security posture cannot be fully assessed due to access restrictions, resulting in a low AI score and limited insights.

C

CP BAP

bankseminar.eu

0

CP BAP is a consulting company specializing in financial services and related sectors, offering tailored consulting, IT solutions, and blended learning services. The company positions itself as a trusted partner with a focus on sustainable success and regulatory compliance. The website is professionally designed with good content quality and SEO optimization, targeting financial institutions such as banks and IT service providers. Technically, the site is built on WordPress with Elementor and uses various plugins for search and cookie management. However, a critical security gap is the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the security posture. Privacy compliance is well addressed with GDPR-compliant policies and cookie consent mechanisms. Overall, the site demonstrates good business credibility but requires urgent security improvements to protect user data and enhance trust.

S&P Global is a leading enterprise in the financial data and analytics sector, providing essential intelligence through a combination of data, connected technologies, and expert insights. The website reflects a mature, well-structured digital presence with comprehensive content targeting financial professionals and enterprises. Technically, the site leverages Adobe Experience Manager CMS, integrates modern analytics and error tracking tools, and maintains good SEO and accessibility standards. However, a critical security gap exists due to the absence of a valid SSL certificate, which significantly impacts the security posture and overall trustworthiness. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. The domain registration aligns with the company's long-standing history and public presence, reinforcing legitimacy. Strategic improvements in SSL configuration and enhanced security practices are recommended to elevate the site's security and trust levels.

C

CONVISIO Völkermarkt WTH-STB GmbH & Co KG

convisio.at

0

CONVISIO Völkermarkt WTH-STB GmbH & Co KG is a medium-sized Austrian financial services company specializing in tax consulting, auditing, financial advisory, accounting, and startup consulting. The company operates multiple offices across Austria, targeting clients seeking professional financial and tax services. The website is built on WordPress with Elementor and includes modern SEO and cookie consent tools, reflecting a moderate level of digital maturity. However, the absence of a valid SSL certificate and lack of advanced security headers represent critical security weaknesses that could undermine user trust and data protection. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the company presents a professional image with clear contact information and trust signals such as certifications, but must urgently address its SSL and security posture to improve its risk profile.

D

d:code:it Ltd

dcodeit.com

0

d:code:it Ltd is a digital design and development studio specializing in transforming enterprises, particularly in the financial services sector. The company targets global banks and enterprises, offering innovative financial solutions, trading applications, and management consulting services. Their market position is that of a niche, specialized provider with a strong focus on complex UI and fintech applications. The website reflects a professional and consistent brand image with detailed leadership information and a comprehensive privacy policy demonstrating GDPR compliance. Technically, the website is hosted on AWS infrastructure using Amazon S3 and CloudFront CDN, with modern JavaScript and SVG animations enhancing user experience. However, the site suffers from an invalid SSL certificate and lack of modern TLS protocols, which significantly impacts its security posture. Privacy compliance is well addressed in the policy, but no explicit cookie consent mechanism is present. Overall, the site is functional and professional but requires urgent security improvements to ensure trust and compliance.

I

ICON Wirtschaftstreuhand GmbH

icon.at

0

ICON Wirtschaftstreuhand GmbH is a medium-sized Austrian professional services firm specializing in tax consulting, auditing, and international tax expertise. The company holds a strong market position, being ranked first in sustainability and machinery & plant engineering consulting by INDUSTRIEMAGAZIN in 2025. Their business model focuses on delivering comprehensive tax and audit services through nine specialized service lines supported by a global network and membership in WTS Global. The website reflects a professional and consistent brand image targeting businesses and private clients with international tax needs. Technically, the site is built on TYPO3 CMS, served via Apache and Amazon CloudFront CDN, and uses modern web technologies including Font Awesome and Google Tag Manager. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security shortcoming despite the presence of strong security headers and a content security policy. Privacy and cookie policies are present and GDPR compliant, with consent mechanisms implemented. Contact information is comprehensive and clearly presented. Overall, the site is well-designed and content-rich but requires urgent security improvements to enable HTTPS and strengthen its security posture.

L

LGT Private Banking

lgt.com

0

LGT Private Banking is a well-established global private bank with over 100 years of history, specializing in wealth management and investment solutions for wealthy clients. The website reflects a professional and consistent brand image, targeting high-net-worth individuals and financial intermediaries. The business model focuses on private banking services, investment solutions, and sustainability-oriented wealth management. Technically, the website uses modern web technologies and is hosted on a reputable CDN provider, but suffers from critical SSL/TLS misconfiguration, impacting security and user trust. Security headers are well implemented, but the lack of HTTPS is a major vulnerability. Privacy compliance is partially met with a clear privacy policy but lacks a cookie consent mechanism despite tracking scripts. Overall, the website is content-rich, professionally designed, and trustworthy, but requires urgent security improvements.

L

lemonconsulting

lemonconsulting.es

0

Lemon Consulting is a Spanish strategic consulting company specializing in credit insurance, health insurance, and business innovation consulting. The company targets businesses seeking to improve their overall results and risk management. The website presents a professional and consistent brand image with clear service offerings and contact information. Technically, the site is built on WordPress with Elementor and uses modern web technologies and plugins for SEO, accessibility, and GDPR compliance. However, the absence of a valid SSL certificate and HTTPS significantly impacts the security posture. The site employs Google Analytics and cookie consent mechanisms aligned with GDPR. Security policies and incident response information are not publicly available, which could be improved to enhance trust. Overall, Lemon Consulting appears to be a legitimate small business with a moderate digital maturity level but requires urgent improvements in SSL/TLS security to protect user data and improve trust.

OeKB Gruppe is a central financial service provider based in Austria, supporting the Austrian economy with a broad range of services including export financing, capital market services, energy market services, development financing, and tourism services. The website presents a professional and comprehensive overview of their offerings, targeting Austrian businesses, investors, and financial institutions. The company holds a strong market position as a key financial institution in Austria. Technically, the website uses a custom CMS with JavaScript and Bootstrap frameworks, but suffers from slow load times and lacks modern security configurations such as a valid SSL certificate and TLS protocols. Mobile optimization and SEO are good, but accessibility is basic. The website lacks cookie consent mechanisms and some security best practices. Security posture is weak due to the absence of HTTPS, no security headers, and missing email authentication records like DMARC. DNSSEC is disabled and CAA records are malformed. These issues pose significant risks to user data confidentiality and trust. Overall, the website is content-rich and professionally designed but requires urgent security improvements to protect users and comply with modern standards. Strategic recommendations include implementing HTTPS, enabling security headers, and adding privacy and cookie consent mechanisms.

R

RAITEC GmbH

grz.at

0

RAITEC GmbH is a prominent IT service provider specializing in delivering high-tech infrastructure and operational services to the financial sector in Austria. The company supports a large-scale environment with over 50 million daily online transactions, 35,000 client workstations, and extensive data storage capabilities. Their market position is strong as one of Austria's leading IT system houses focused on finance. Technically, the website is built on Adobe Experience Manager with modern JavaScript frameworks and tracking tools, providing a professional and accessible user experience. However, the critical lack of a valid SSL certificate and HTTPS support significantly undermines the security posture. Privacy compliance is well addressed with comprehensive policies and consent mechanisms. Overall, the business credibility and content quality are high, but urgent security improvements are needed to protect user data and trust.

plenum AG Management Consulting is a well-established German management consulting firm specializing in transformation advisory services primarily for the finance, insurance, and energy sectors. With over 35 years of experience, the company holds a strong market position supported by industry awards and a professional digital presence. The website reflects a mature digital infrastructure built on TYPO3 CMS, featuring comprehensive content, clear navigation, and multi-channel engagement including social media and newsletters. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, exposing the site to risks and undermining user trust. Privacy policies and cookie consent mechanisms are well implemented, aligning with GDPR requirements. Overall, the business demonstrates high credibility and professionalism but must urgently address its HTTPS deficiency to improve security posture and user confidence.

H

HYPO NOE Landesbank für Niederösterreich und Wien AG

hyponoe.at

0

HYPO NOE Landesbank für Niederösterreich und Wien AG is a well-established regional financial institution in Austria, offering a broad range of banking services including retail accounts, savings, investments, financing, and green banking products. The website targets private customers, young adults, companies, and public sector entities, emphasizing sustainability and digital banking solutions. Technically, the site is built on TYPO3 CMS with modern frontend technologies and includes cookie consent management and analytics integration. However, the security posture is weakened by the absence of a valid SSL certificate and lack of TLS support, which is critical for a banking website. Despite this, the site maintains good privacy compliance and business credibility with clear contact information and certifications. Strategic improvements in SSL/TLS configuration and security headers are recommended to enhance trust and security.

L

List SpA

list-group.com

0

List SpA is a medium-sized Italian company specializing in advanced software solutions for banking and finance, including trading, compliance, risk management, and treasury management. As part of the ION Group, it holds a strong market position with a professional digital presence targeting financial institutions and trading venues. The website is well-structured, content-rich, and optimized for SEO and mobile devices, reflecting a mature digital infrastructure based on WordPress and Elementor. However, a critical security gap exists due to the absence of a valid SSL certificate, exposing users to potential risks and undermining trust. Privacy compliance is well addressed with comprehensive policies and cookie consent mechanisms. Overall, the company demonstrates strong business credibility but must urgently address its SSL/TLS configuration to improve security posture and user trust.

S&P Global Ratings operates as a leading global credit rating agency providing essential financial intelligence embedded into the workflows of customers worldwide. The website reflects a mature enterprise with a comprehensive offering of credit ratings, research, and analytics services targeted at investors, issuers, and intermediaries. The digital infrastructure leverages modern JavaScript libraries, marketing tools, and analytics platforms, hosted primarily on Amazon AWS with content delivery via Akamai. While the site is professionally designed with excellent content quality and user experience, it lacks a valid SSL certificate and proper HTTPS configuration, which significantly impacts its security posture. Security headers are present, but the absence of TLS protocols and certificate transparency compliance are critical gaps. Privacy policies and cookie notices are well implemented, indicating good privacy compliance. Overall, the website demonstrates high business credibility but requires urgent security improvements to align with best practices and protect user data.

H

Heller Consult Tax & Business Solutions GmbH

hellerconsult.com

0

Heller Consult Tax & Business Solutions GmbH is a Vienna-based tax and business consulting firm targeting entrepreneurs and businesses primarily in Austria. The company offers a range of services including tax consulting, accounting, business consulting, digital booking, and client portals. Their market position is that of a small but professional local firm with an international network partner, InterGest® Austria, supporting clients with expansion needs. The website is well structured, professionally designed, and provides clear contact channels and trust indicators such as customer testimonials and a ProvenExpert rating widget. Technically, the site is built on TYPO3 CMS with UIkit framework and integrates analytics tools like Google Tag Manager and Hotjar. However, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical security vulnerability. Cookie consent and privacy policies are well implemented and GDPR compliant. Overall, the business presents a credible and professional image but must urgently address its SSL/TLS deficiencies to improve security and trust.

D

Deutsche Vermögensberatung Bank Aktiengesellschaft

dvag.at

0

Deutsche Vermögensberatung Bank Aktiengesellschaft (DVAG) is a well-established family-owned financial advisory company operating primarily in Austria, offering financial coaching, private customer financial services, and career opportunities as financial advisors. The website is professionally designed with comprehensive content, clear navigation, and strong branding consistency. It targets private customers and prospective financial advisors, positioning itself as a trusted leader in the Austrian financial advisory market. Technically, the site uses modern web components and multimedia integrations but suffers from slow load times and lacks a valid SSL certificate, which is a critical security concern. Privacy compliance is strong, with detailed GDPR-compliant policies and cookie consent mechanisms. The business information is transparent and consistent with WHOIS data, reinforcing legitimacy. However, the lack of HTTPS and security headers significantly lowers the security posture and overall trustworthiness score.

Raiffeisen-Landesbank Tirol AG is a regional financial institution serving private and corporate clients primarily in Tirol, Austria. The website presents a comprehensive portfolio of banking services including private banking, corporate banking, online banking, loans, savings, insurance, and real estate services. The company positions itself as a trusted regional partner with a strong emphasis on sustainability and customer service. Technically, the website is built on Adobe Experience Manager with modern JavaScript frameworks such as Angular and includes advanced tracking and consent management tools. However, the security posture is weak due to the absence of a valid SSL certificate and lack of TLS protocol support, which is a critical issue for a financial institution. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is professional and trustworthy but requires urgent security improvements to protect user data and maintain trust.

TMF Group is a leading global provider of administrative, compliance, and governance services, supporting companies across more than 80 countries. Their extensive service portfolio includes accounting, tax, payroll, capital markets, fund services, and ESG administration, targeting corporates, financial institutions, asset managers, private equity, and family offices. The company operates through a large global network of over 11,000 professionals in 125+ offices, serving major multinational clients including Fortune Global 500 and FTSE 100 companies. The website reflects a mature business model with a strong market position and comprehensive service offerings. Technically, the website employs modern technologies such as Microsoft Application Insights, Google Tag Manager, OneTrust for cookie consent, and Cloudflare for CDN services. The site is well-structured, mobile-optimized, and SEO-friendly, with good accessibility features. However, performance metrics were not available, limiting full assessment of speed. From a security perspective, the site implements multiple security headers including a strict Content Security Policy and HSTS. Cookies are set with secure and HttpOnly flags, and privacy compliance is well addressed with GDPR-aligned policies and consent mechanisms. The critical weakness is the absence of a valid SSL certificate and disabled TLS protocols, which severely undermines the security posture and user trust. This issue requires immediate remediation to enable HTTPS and secure communications. Overall, the website is professionally designed and content-rich, demonstrating high business credibility and privacy compliance. The main risk lies in the invalid SSL configuration, which impacts security scores and could expose users to risks. Strategic improvements in SSL/TLS deployment and continued transparency in security policies will enhance trust and compliance.

dLocal is a mature, Nasdaq-listed fintech company specializing in payment processing solutions tailored for emerging markets across Africa, Asia, and Latin America. The company offers a comprehensive suite of services including payins, payouts, fraud management, and invoice collection, serving over 700 merchants with access to 900 payment methods. The website reflects a strong market position with professional branding, extensive content, and trusted partnerships with major global companies. Technically, the site uses modern JavaScript libraries and consent management tools, but suffers from a critical lack of a valid SSL certificate, severely impacting its security posture. Privacy and cookie policies are well implemented with GDPR compliance indicators. Overall, the site is professional and trustworthy but must urgently address its SSL/TLS configuration to ensure secure user interactions.

U

UNiQUARE Software Development GmbH

uniquare.com

0

UNiQUARE Software Development GmbH is an Austrian company specializing in software solutions for customer-centric banking, with 36 years of experience. The company offers digitized, integrated end-to-end banking processes and provides a complete service package including software development, integration, implementation, and maintenance. Their market position is strong within the banking sector, serving over 1,500 financial institutions and 200,000 users across three continents. The website reflects a professional and comprehensive digital presence with clear business information and customer testimonials. Technically, the site is built on WordPress with Elementor and related plugins, optimized for SEO and mobile use, but suffers from slow performance and basic accessibility.

W

WTW

willistowerswatson.com

0

WTW is a global enterprise specializing in risk management, employee benefits, and capital solutions. The company offers comprehensive consulting services aimed at helping organizations optimize their human capital, manage risks, and leverage capital effectively. The website reflects a mature digital presence with multi-language support and a clear focus on professional service delivery. Technically, the site uses modern frameworks such as Bootstrap and Sitecore CMS, integrated with advanced search and video technologies. However, the security posture is weakened by an invalid SSL certificate and lack of TLS protocol support, which undermines HTTPS security benefits. Privacy compliance is strong with clear cookie and privacy policies, and the site employs extensive analytics and marketing tools. Overall, the site is professional and trustworthy but requires urgent remediation of SSL and TLS issues to improve security and user trust.

R

Raiffeisen Informatik GmbH & Co KG

raiffeiseninformatik.at

0

Raiffeisen Informatik GmbH & Co KG is a well-established IT service provider specializing in comprehensive IT solutions for financial and insurance sectors, with over 50 years of experience and a strong presence in Austria and neighboring countries. The company offers a broad range of services including data center operations, security services, IT consulting, and banking and insurance solutions. Their business model focuses on close collaboration with clients from planning through operation, supported by a large workforce and significant annual revenue. Technically, the website is built on WordPress with Apache server infrastructure and uses Cloudflare for DNS, but critically lacks a valid SSL certificate, exposing it to security risks. Security headers are implemented, but without HTTPS the security posture is severely weakened. Privacy compliance is basic with no visible cookie consent or incident response information. Overall, the website is professional and content-rich, but the lack of HTTPS is a major security concern that must be addressed urgently.

C

CMC Markets

cmcmarkets.com

0

CMC Markets is a well-established global online trading platform founded in 1989, offering leveraged trading on a wide range of financial instruments including forex, indices, commodities, cryptocurrencies, shares, ETFs, and bonds. The company operates multiple trading platforms such as MetaTrader 4, MetaTrader 5, TradingView integration, and its proprietary web and mobile platforms, serving over 1.5 million global clients. It is a FTSE 250 listed company with a strong market position and multiple regulatory licenses, including in Bermuda and the UK. The website is professionally designed, content-rich, and targets retail and institutional traders worldwide. Technically, the website is built on modern frameworks like Next.js and hosted on Vercel, with good mobile optimization and SEO practices. The platform supports multiple device types and integrates third-party services for enhanced user experience and marketing. However, the SSL certificate is currently invalid or missing, which is a critical security concern. Security headers are partially implemented, and there is no evidence of advanced security policies or incident response information on the site. The security posture is moderate with room for improvement, especially in SSL configuration and additional security headers. Privacy and cookie policies are present and indicate GDPR compliance, with clear consent mechanisms. Contact information is comprehensive, including phone, email, and physical addresses in multiple countries. The company demonstrates strong business credibility through trust indicators such as awards, Trustpilot reviews, and regulatory compliance. Overall, CMC Markets presents a professional and trustworthy online trading service with a mature digital presence. Addressing the SSL certificate issue and enhancing security headers would significantly improve the security posture and user trust.

B

bgm Partners

bgm-partners.com

0

bgm Partners is a small, privately owned corporate finance advisory firm headquartered in Vienna, Austria, with an additional presence in Luzern, Switzerland. The company specializes in mid-cap and large-cap advisory services focusing on Mergers & Acquisitions, Corporate Finance, and Project Finance. The website presents basic business information and service offerings targeting corporate clients seeking financial advisory services. The market position appears modest but globally oriented within the finance sector. Technically, the website is built on TYPO3 CMS and uses legacy JavaScript libraries such as jQuery 1.7.2. Google Analytics is implemented for visitor tracking, but the site lacks modern performance optimizations and mobile responsiveness is basic. The website does not use HTTPS, which is a critical security deficiency. The absence of a valid SSL certificate and modern TLS protocols exposes visitors to security risks and undermines trust. From a security perspective, the site lacks essential protections such as HTTPS, HSTS, and security headers. No incident response or security policies are publicly available, and no contact emails or phone numbers are provided for direct communication. Privacy compliance is minimal, with a basic privacy policy present but no cookie consent mechanism. The presence of an unrelated external gambling link in hidden text raises minor suspicion. Overall, the website's risk profile is elevated due to missing HTTPS and weak security posture. Strategic improvements should prioritize securing the site with a valid SSL certificate, implementing security headers, and enhancing privacy compliance. Business credibility would benefit from clearer contact information and updated technical infrastructure.

Y

YES BANK

yesbank.in

0

YES BANK is a major Indian financial institution providing a range of banking services including retail, corporate, and investment banking. The website content analyzed is minimal and primarily technical, with no visible privacy or cookie policies, contact information, or user-facing content. The domain and DNS data confirm the legitimacy of the bank's online presence. Technically, the site uses Oracle Cloud infrastructure and Akamai CDN, with multiple third-party analytics and advertising integrations. However, the absence of a valid SSL certificate is a critical security flaw, severely impacting the site's security posture and user trust. Security headers are well configured but cannot compensate for the lack of HTTPS. Privacy compliance is poor due to missing policies and consent mechanisms. Overall, the site requires urgent remediation of SSL issues and improved transparency in privacy and contact information to meet industry standards.

P

PXP Financial

pxpfinancial.com

0

PXP Financial is a UK-based payment technology company offering a unified commerce platform that simplifies global payments and commerce operations. The company targets a broad range of industries including retail, hospitality, gaming, and travel, providing services such as point of sale, eCommerce, acquiring, and cross-border payments. Their platform emphasizes intelligent payment routing, real-time business intelligence, and self-service capabilities, positioning them as a modern and innovative player in the payment solutions market. Technically, the website is built on HubSpot CMS with integrations of popular marketing and analytics tools such as Google Analytics, Hotjar, and Cookiebot for privacy compliance. However, the security posture is weakened by the absence of a valid SSL certificate and lack of modern TLS protocol support, which is a critical issue for a financial services provider. The domain registration is consistent and mature, registered with a reputable UK registrar, and the business is FCA authorized, enhancing credibility. Overall, the website is professional and content-rich but requires urgent improvements in SSL/TLS security to meet industry standards and protect user data.

Irish Bank Resolution Corporation Limited (IBRC) is a financial institution currently in special liquidation, managing the orderly conclusion of its liquidation process. The website serves primarily as an informational portal to communicate the status of the liquidation, provide contact details, and notify stakeholders about deadlines for deeds of release and edischarges. The business operates under the supervision of the Central Bank of Ireland and is a successor to Irish Nationwide Building Society and Anglo Irish Bank Corporation Limited. The target audience includes creditors, impacted customers, and parties requiring documentation related to the liquidation. Technically, the website is built on Microsoft IIS with ASP.NET and uses Google Analytics for tracking. The hosting IP suggests Amazon AWS infrastructure. However, the site lacks a valid SSL/TLS certificate, serving content over HTTP only, which significantly impacts security posture. The site has basic design and content quality, reflecting its winding-down status, with limited interactivity and no forms. SEO and accessibility features are minimal. From a security perspective, the absence of HTTPS and security headers, lack of DNSSEC and CAA records, and no vulnerability disclosure policy indicate a low security maturity level. While no active vulnerabilities or malware were detected, the site is exposed to risks due to missing encryption and security best practices. Privacy compliance is partial, with a data protection notice available but no cookie consent mechanism despite use of Google Analytics. Overall, the website presents moderate business credibility but suffers from critical security shortcomings. Strategic improvements in SSL implementation, security headers, and privacy compliance are recommended to enhance trust and protect visitors. Given the nature of the business in liquidation, the website's limited functionality and content are understandable but should still meet basic security standards.

W

Wiener Privatbank

wienerprivatbank.com

0

Wiener Privatbank is a medium-sized Austrian private bank specializing in wealth and asset management, capital market investments, and real estate. The bank emphasizes personalized service, crisis-proof investment strategies, and trusted FATCA solutions. The website is built on a modern CMS platform (Craft CMS) with SEOmatic for SEO optimization and includes rich content and clear navigation targeting private banking clients and investors. However, the absence of a valid SSL certificate and HTTPS support is a critical security vulnerability that undermines user trust and data protection. While privacy policies are present and GDPR compliance appears addressed, no cookie consent mechanism or terms of service were found. Social media presence on Facebook, LinkedIn, and YouTube supports brand visibility. Overall, the website demonstrates good business credibility and content quality but requires urgent security improvements to protect users and enhance trust.

A

APK Pensionskasse AG

apk-pensionskasse.at

0

APK Pensionskasse AG operates as a leading Austrian pension fund provider specializing in occupational retirement provisions. The company offers services to employers and employees to facilitate additional pension savings, managing contributions and investments to provide monthly payouts upon retirement. The website reflects a professional and consistent brand presence with clear business information and regulatory compliance references. Technically, the site is built on TYPO3 CMS and protected by Sucuri Cloudproxy, with Matomo analytics for privacy-conscious tracking. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security gap that undermines user trust and data protection. Privacy compliance is well addressed through cookie banners and a comprehensive privacy policy. Overall, the site demonstrates solid business credibility but requires urgent security improvements.

M

Moore Salzburg GmbH Wirtschaftsprüfungs- und Steuerberatungsgesellschaft

moore-salzburg.at

0

Moore Salzburg GmbH is a professional services firm based in Salzburg, Austria, specializing in tax consulting, auditing, accounting, payroll, and management consulting. The company operates as part of the global Moore network, providing a broad range of financial and consulting services to businesses and individuals. Their website reflects a medium-sized enterprise with a clear focus on regional expertise and international affiliation. Technically, the website is built on ASP.NET WebForms with Kentico CMS, utilizing modern front-end libraries such as Bootstrap and jQuery. However, the site suffers from slow load times and lacks a valid SSL certificate, which is a critical security concern. The security posture is weak due to missing HTTPS, no security headers, and absence of cookie consent mechanisms despite using Matomo analytics. Contact information is clearly presented, enhancing business credibility. Overall, the site is professional but requires urgent security improvements to protect user data and comply with privacy regulations.

A

ATP Koncernen

atp.dk

0

ATP Koncernen is a large Danish financial and governmental entity focused on securing economic welfare through pension management and welfare administration for Danish citizens. The website reflects a strong market position with comprehensive services including lifelong pension and welfare benefits administration. The digital infrastructure is built on Drupal CMS with integrations for cookie consent and analytics, demonstrating a mature technical setup. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the security posture, exposing the site to risks and reducing trust. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is professional and trustworthy but requires urgent security improvements to align with best practices.

A

AURIGON Advisors AG

aurigon.ch

0

AURIGON Advisors AG is a specialized consulting firm focused exclusively on reinsurance and insurance sectors, serving clients primarily in Switzerland, the EU, USA, UK, and Latin America. Their key services include conflict resolution, audits, claims management, exit strategies, and strategic consulting. The company maintains a multilingual website with professional team profiles and contact information, indicating a small but internationally oriented business. Technically, the website is built on WordPress using the Enfold theme and includes multiple shortcodes and scripts, but lacks a valid SSL certificate, which is a critical security deficiency. The cookie consent mechanism is implemented, supporting GDPR compliance. Security posture is weak due to missing HTTPS and security headers, exposing the site to potential risks. Overall, the website is functional and professional in content but requires urgent security improvements to protect user data and enhance trust.

Generali Gruppe Österreich operates as a major insurance provider in Austria, offering a broad spectrum of insurance and financial products targeting both private and corporate customers. The company enjoys a strong market position with over 2 million customers and is part of the global Generali Group. Their website reflects a professional and comprehensive digital presence, showcasing extensive product offerings and customer services. Technically, the site leverages modern frameworks such as React and Gatsby, hosted on AWS infrastructure with CDN support for content delivery. However, a critical security gap exists due to the absence of a valid SSL certificate and lack of HTTPS enforcement, which significantly undermines the site's security posture. Privacy and cookie policies are well implemented, indicating good compliance with GDPR requirements. Overall, the website is user-friendly, mobile-optimized, and trustworthy, but urgent improvements in SSL/TLS configuration are necessary to ensure secure communications and maintain customer trust.

H

Helvetia Versicherungen AG

helvetia.at

0

Helvetia Versicherungen AG is a well-established insurance provider in Austria with over 165 years of experience and a large customer base exceeding 650,000. The company offers a wide range of insurance and pension products tailored to private customers, including accident, vehicle, household, and life insurance. The website is professionally designed, content-rich, and provides comprehensive navigation and contact options, reflecting a mature digital presence. Technically, the site uses Adobe Experience Manager CMS and integrates Adobe DTM for analytics and marketing. However, a critical security gap exists as no valid SSL certificate is detected, resulting in no HTTPS support, which significantly impacts the security posture. Security headers are properly configured, but the lack of HTTPS is a major vulnerability. Privacy and cookie policies are present and comprehensive, indicating good compliance with GDPR. Overall, the website is trustworthy and credible but requires urgent security improvements to protect user data and maintain trust.

G

G8Way GmbH

prime-crowd.com

0

Gateway Ventures, formerly known as primeCROWD, operates as a startup investment platform focused on democratizing access to quality startup investments. The company targets experienced business angels, first-time investors, and founders, providing investment opportunities, educational bootcamps, and community events. The website is professionally designed using WordPress and Elementor, with good SEO and mobile optimization. However, the prime-crowd.com domain lacks HTTPS, which is a critical security concern. The main content is hosted on gateway.ventures, which uses modern technologies and CDN services. Security posture is weak due to missing SSL/TLS and security headers, though email authentication mechanisms like DKIM and SPF are in place. Privacy compliance is addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the business appears legitimate and consistent with WHOIS data, but security improvements are urgently needed.

C

CONFIDA Steiermark Steuerberatung GmbH

confida.at

0

CONFIDA Steiermark Steuerberatung GmbH is a professional tax advisory and auditing firm with a strong regional presence in Austria and Southeast Europe, including Croatia, Serbia, and Slovenia. The company offers a broad range of services such as tax consulting, auditing, corporate consulting, payroll accounting, and controlling. Their market position is that of an established medium-sized firm with multiple subsidiaries and offices, targeting businesses and individuals requiring financial and tax services. The website reflects a professional business model focused on client service and regional expertise. Technically, the website is hosted on an nginx server with DNS managed by net4you.net and uses Matomo analytics for privacy-conscious user tracking. The site employs modern web technologies including SVG graphics and JavaScript modules, and it is optimized for mobile devices with good accessibility and SEO practices. However, performance metrics indicate slow loading times, which could be improved. From a security perspective, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical vulnerability impacting user trust and data protection. While some security headers are present, the absence of TLS protocols and OCSP stapling reduces the overall security posture. Privacy policies and cookie consent mechanisms are implemented, indicating compliance with GDPR requirements, but no explicit security policy or incident response information is provided. Overall, the website is professionally designed and content-rich, supporting the company's credibility and trustworthiness. The main risk lies in the missing SSL/TLS configuration, which should be addressed urgently to protect users and improve the security score. Strategic recommendations include implementing HTTPS, enhancing SSL configuration, and adding security and incident response documentation to strengthen compliance and trust.

zeb.rolfes.schierenbeck.associates gmbh is a leading European strategy, management, and IT consulting firm specializing in the financial services industry. The company offers a broad range of consulting services including transformation, regulatory compliance, and corporate education, targeting banks, insurance companies, and financial technology specialists. Their market position is strong within Europe, supported by multiple subsidiary domains and partner sites across key financial markets. The website is professionally designed with excellent content quality and clear navigation, supporting a positive user experience and strong brand consistency. Technically, the website is built on Drupal 11 with modern frameworks such as Bootstrap and integrates analytics tools like Matomo and Google Tag Manager. Accessibility features and cookie consent mechanisms are implemented, reflecting good digital maturity. However, the website suffers from critical security issues due to the absence of a valid SSL certificate and lack of HTTPS support, which significantly impacts the security posture and overall trustworthiness. Security headers are well configured, but the lack of TLS protocols and OCSP stapling are notable vulnerabilities. Privacy compliance is strong, with comprehensive privacy and cookie policies and GDPR adherence. The company maintains active social media channels and provides clear contact information, enhancing business credibility. Overall, while the business and content aspects are excellent, urgent improvements in SSL/TLS configuration are necessary to elevate the security posture and user trust.

A

Audit Partner Austria Wirtschaftsprüfer GmbH

auditpartner.at

0

Audit Partner Austria Wirtschaftsprüfer GmbH is a professional services firm specializing in tax consulting and auditing services primarily serving Austrian businesses and professionals. The company emphasizes expertise, personal consultation, and proactive advisory services. Their website reflects a medium-sized firm with a consistent brand and a clear focus on finance-related services. The technical infrastructure is based on WordPress with common web technologies such as jQuery and Bootstrap, hosted on Austrian DNS infrastructure. However, the website lacks a valid SSL certificate, which significantly impacts its security posture. While basic security headers like HSTS are present, they are ineffective without HTTPS. The site provides comprehensive contact information and privacy policies, but lacks cookie consent mechanisms and explicit security or incident response policies. Overall, the website is professional and trustworthy but requires urgent improvements in SSL configuration and security transparency.

G

George Labs GmbH

george-labs.com

0

George Labs GmbH operates the digital banking platform 'George', serving over 10 million users across Europe. The platform is positioned as a modern, intelligent, and personal financial companion, backed by Erste Group Bank AG. The website reflects a mature digital presence with professional design, clear branding, and multi-country banking partnerships. Technically, the site is built on WordPress with Elementor and uses modern web technologies, but suffers from critical SSL/TLS misconfigurations that undermine security. Privacy compliance is well addressed with GDPR-aligned cookie consent and policies. Overall, the business is credible and well-positioned in the European digital banking sector, but must urgently address its SSL issues to ensure user trust and security.

S

SIGAL UNIQA

sigal.com.al

0

SIGAL UNIQA is a leading regional insurance group operating primarily in Albania, Kosovo, and North Macedonia, offering a comprehensive portfolio of insurance products including life, health, property, automobile, and marine insurance. The company is well-established since 1999 and is part of the larger UNIQA Insurance Group, which enhances its market credibility and operational scale. The website reflects a professional and well-branded digital presence with clear navigation and extensive content tailored to its target audience of individuals and businesses seeking insurance solutions. Technically, the site is built on WordPress with modern plugins and integrations, but suffers from critical security shortcomings due to the absence of a valid SSL certificate and lack of HTTPS support, which poses risks to user data confidentiality and trust. The company demonstrates commitment to security governance through ISO 27001:2022 certification and implements privacy and cookie policies compliant with GDPR standards. Marketing and analytics tools such as Google Analytics, Facebook Pixel, and Mailchimp are actively used, indicating a mature digital marketing strategy. Overall, while the business and content aspects are strong, urgent improvements in SSL/TLS configuration are necessary to enhance security posture and user trust.

B

Byte Media GmbH

vbwienbaden.at

0

Byte Media GmbH operates a WordPress-based website providing SEO, domain trading, and digital marketing services, with a focus on banking and insurance information for Baden bei Wien. The site targets private and business customers seeking financial services in the region. The technical infrastructure relies on nginx, WordPress, jQuery, and Bootstrap, hosted on a Plesk Linux environment. While the content is well-structured and SEO-optimized, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security vulnerability. Additionally, no cookie consent mechanism or explicit privacy compliance features are implemented, despite the use of Google Analytics and Tag Manager for tracking. Contact information is clearly presented, and social media presence is strong, enhancing business credibility. Overall, the website demonstrates moderate digital maturity but requires urgent security improvements to protect users and comply with privacy regulations.

Raiffeisen Landesbank Kärnten is a prominent regional bank in Austria, specializing in comprehensive financial services for private and corporate clients. The website reflects a mature digital presence with extensive service offerings including corporate banking, private banking, investment, insurance, and online banking solutions. The bank emphasizes personalized service and regional economic support, positioning itself as a trusted partner for businesses and individuals in Carinthia. Technically, the site is built on Adobe Experience Manager with modern JavaScript frameworks and includes advanced cookie consent management. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which severely impacts the security posture. Privacy policies and legal documents are well presented, supporting GDPR compliance. Overall, the site is professional and trustworthy but urgently requires remediation of its SSL/TLS configuration to ensure secure communications and maintain customer trust.

F

Fair Finance

fairfinance.org.uk

0

Fair Finance is a UK-based direct lender specializing in affordable personal loans up to £3000, targeting individuals including those with bad credit or on benefits. The company emphasizes social impact and financial advice, operating with FCA authorization. The website is built on WordPress with Elementor and integrates multiple marketing and analytics tools such as Google Analytics, Tag Manager, Hotjar, and Trustpilot for reputation management. Despite a professional design and clear business information, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security vulnerability. Privacy and terms of service pages are present and comprehensive, but no cookie consent mechanism is implemented despite tracking scripts being active. Contact information including phone and physical address is clearly provided, enhancing business credibility.

B

Bank Gutmann

gutmann.at

0

Bank Gutmann is a well-established private banking institution based in Austria, specializing in wealth management, investment advice, and tailored investment solutions since 1922. The website reflects a professional and content-rich digital presence targeting private and institutional banking clients. The technical infrastructure is built on the Liferay CMS platform with modern JavaScript frameworks such as React and Clay UI, indicating a mature digital environment. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the security posture of the website, exposing users to potential risks. Privacy and cookie policies are present and GDPR compliant, with a moderate level of user tracking via Piwik PRO analytics. Overall, the website demonstrates good business credibility and user experience but requires urgent security improvements to protect client data and maintain trust.

D

durchblicker GmbH

durchblicker.at

0

durchblicker GmbH operates Austria's largest tariff comparison portal, specializing in consumer savings on household fixed costs such as insurance, energy, finance, and telecommunications. The platform offers a broad range of comparison calculators and personalized expert consultations, positioning itself as a trusted advisor for Austrian consumers. The website is professionally designed, mobile-optimized, and rich in relevant content, supporting a strong market presence. Technically, the site leverages modern frameworks like Next.js and React, hosted on Google Cloud infrastructure with Cloudflare DNS services. However, the security posture is notably weak due to the absence of a valid SSL certificate and lack of support for modern TLS protocols, exposing users to potential risks. Privacy compliance is well addressed with clear policies and consent mechanisms, and business credibility is reinforced by strong trust signals including eKomi ratings and industry awards. Strategic improvements in SSL/TLS implementation and DNS security would significantly enhance the overall security and trustworthiness of the platform.

Schoellerbank AG is a well-established Austrian private bank specializing in sustainable wealth management and investment solutions. The website reflects a professional and comprehensive presentation of their services, targeting private clients seeking long-term financial security and personalized advisory. The affiliation with UniCredit S.p.A. further strengthens their market position and credibility. Technically, the website employs modern JavaScript libraries and cookie consent management tools, but suffers from poor SSL/TLS configuration, lacking a valid certificate and HTTPS support, which poses significant security risks. Privacy policies and cookie consent mechanisms are well implemented and GDPR compliant. Overall, the site offers a good user experience but requires urgent security improvements to protect user data and maintain trust.

G

GRAWE osiguranje a.d.o.

grawe.rs

0

GRAWE Srbija is a well-established insurance company operating in Serbia, offering a broad range of life and non-life insurance products including vehicle, property, and health-related insurance. The company is part of the larger GRAWE Group, which has a long tradition in the insurance sector. The website is professionally designed using TYPO3 CMS and integrates modern technologies such as Google Tag Manager and Cloudfront CDN. It provides clear navigation, comprehensive product information, and multiple contact channels including phone, email, and social media. Privacy and cookie policies are present and include consent mechanisms, indicating good compliance with GDPR requirements. However, the website suffers from a critical security issue: the SSL certificate is invalid or missing, resulting in HTTPS not being properly enabled. This significantly impacts the security posture and user trust. Security headers are well configured, but the lack of valid SSL and modern TLS protocols is a major vulnerability. No explicit security or incident response policies are published, and no vulnerability disclosure or security.txt files are found. Overall, the website is functional and credible but requires urgent remediation of SSL/TLS issues to improve security and trust.

S

SimCorp A/S

simcorp.com

0

SimCorp A/S is an established enterprise software provider specializing in integrated, multi-asset investment management solutions for leading asset managers globally. The company offers a comprehensive platform, SimCorp One, alongside specialized point solutions such as Axioma risk models. The website reflects a mature business with a strong market position, supported by numerous industry awards and client testimonials. Technically, the site is built on modern frameworks including Next.js and hosted on Vercel, with a headless Sitecore CMS backend, ensuring good digital maturity and user experience. However, the security posture is notably weak due to the absence of a valid SSL certificate and lack of TLS protocol support, which poses significant risks to data confidentiality and user trust. Privacy and legal compliance are well addressed with comprehensive policies and GDPR adherence. Overall, the site is professional and credible but requires urgent security improvements to align with best practices.

D

DenizBank A.Ş.

denizbank.com

0

DenizBank A.Ş. is a large Turkish financial institution offering a broad range of banking services including retail, corporate, and specialized banking sectors. The website reflects a mature digital presence with comprehensive service offerings, detailed legal disclosures, and strong branding consistency. The bank targets both individual and business customers with tailored products and digital banking solutions. The site includes rich content, interactive calculators, and marketing campaigns, indicating a well-developed digital marketing strategy. Technically, the website uses modern JavaScript frameworks and integrates third-party marketing and analytics tools such as Google Tag Manager and Adjust. However, performance metrics indicate slow loading times, and the SSL/TLS configuration is critically flawed with an invalid certificate and no TLS protocols enabled, posing significant security risks. Security posture is moderate with good use of security headers but undermined by the lack of valid SSL and TLS support. Privacy compliance is strong with detailed privacy policies and data protection disclosures, including a dedicated KVKK (Turkish data protection law) section. Contact information is clearly presented, enhancing business credibility. Overall, while the business and content aspects are strong, the critical SSL issues represent a major risk that must be addressed immediately to protect user data and maintain trust.