Security Directory

P

PennWhite

pennwhite.co.uk

0

PennWhite is a mature, medium-sized global manufacturer specializing in foam control agents and chemical solutions, operating as a subsidiary of Manali Petrochemicals Limited. The company serves a broad industrial audience with over 35 years of experience and a presence in 40+ countries. The website is a modern Angular-based single-page application hosted on AWS infrastructure, demonstrating a good level of digital maturity with responsive design and professional branding. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security gap that undermines user trust and data protection. Privacy compliance is basic, with no cookie consent mechanism or explicit GDPR adherence visible. The company shows trustworthiness through certifications and corporate affiliations but should urgently address security shortcomings to improve its posture and compliance.

M

Medaprint Solutions Limited

mediaprint.design

0

Mediaprint Solutions Limited is a small UK-based company specializing in graphic design and print services, targeting businesses seeking professional branding and print solutions. The website is built on WordPress using the BeTheme and Revolution Slider plugins, hosted by IONOS SE. While the site presents a professional design and clear contact information, it lacks HTTPS support, which is a critical security deficiency. The absence of cookie consent mechanisms and limited privacy compliance indicators suggest room for improvement in regulatory adherence. Overall, the business appears legitimate with a mature domain age and consistent branding, but the technical and security posture requires enhancement to protect users and improve trust.

NCM - net communication management GmbH is a specialized digital marketing agency based in Salzburg, Austria, focusing on the tourism and hospitality sector. The company offers a comprehensive suite of services including SEO, SEA, social media marketing, web design, and proprietary tourism tools to enhance online presence and lead generation for hotels. The website is professionally designed, content-rich, and well-structured, targeting German-speaking tourism businesses. Technically, the site uses modern frameworks and CMS (Contao) but critically lacks a valid SSL/TLS certificate, exposing it to security risks and undermining user trust. Security headers are properly configured, but the absence of HTTPS significantly lowers the security posture. Privacy compliance is strong with clear GDPR-aligned policies and cookie consent mechanisms. Contact information is transparent and accessible, supporting business credibility. Overall, the site demonstrates strong business maturity and digital presence but requires urgent security improvements to protect users and maintain trust.

M

MERKUR GAMING

merkur-gaming.com

0

MERKUR GAMING is an international sales and development brand under the German-based Gauselmann Group, specializing in gaming machines, linked progressive jackpots, and related gaming products. The website targets B2B clients in the gaming industry, offering a portfolio of games, cabinets, and linked solutions. The company maintains a consistent and professional brand presence with active social media channels and a corporate website featuring product showcases and news updates. Technically, the website uses a traditional Apache server with a variety of JavaScript libraries including jQuery and Bootstrap, and integrates a Usercentrics consent management platform along with Matomo analytics for privacy-conscious tracking. However, the site lacks HTTPS encryption, which is a critical security vulnerability. Security headers are partially implemented, but the absence of SSL/TLS severely impacts the security posture. Privacy compliance is supported by a cookie consent mechanism and a basic privacy policy, though no explicit security or incident response policies are found. Overall, the website is functional and professional but requires urgent security improvements to protect user data and enhance trust.

S

SVD Büromanagement GmbH

svdgmbh.at

0

SVD Büromanagement GmbH is a medium-sized Austrian company specializing in providing comprehensive management and support services across multiple sectors including construction, procurement, IT, facility management, printing, information security, payroll, and legal services. The company primarily serves government and social insurance institutions, positioning itself as a key regional player with a strong focus on public sector needs. The website reflects a professional and consistent brand presence with clear navigation and relevant content tailored to its target audience of government agencies, suppliers, and job seekers. Technically, the site employs modern JavaScript libraries such as jQuery 3.6.0 and Jakarta Faces framework, hosted on Apache servers with a CMS likely based on Gentics. However, performance is slow and SSL/TLS security is critically lacking due to an invalid or missing certificate and disabled TLS protocols. Security headers are present but insufficient to compensate for the lack of HTTPS, resulting in a low security posture score. Privacy compliance is strong with comprehensive privacy and cookie policies and an active consent mechanism. Contact information is clearly provided, enhancing business credibility. Overall, the site is functional and professional but requires urgent security improvements to protect user data and build trust.

E

EBNER Industrieofenbau GmbH

ebner.cc

0

EBNER Industrieofenbau GmbH is a well-established global leader in manufacturing heat treatment furnace facilities for the steel, aluminum, and copper base metal industries. The company is family-owned, founded in 1948, and headquartered in Austria. Their website reflects a mature digital presence with multilingual support, professional content, and clear business information targeting industrial B2B customers. Technically, the site runs on WordPress with modern plugins and Cloudflare CDN, but suffers from critical SSL/TLS misconfiguration, lacking a valid HTTPS certificate and modern protocol support, which severely impacts security posture. Privacy compliance is well addressed with GDPR cookie consent and a comprehensive privacy policy. However, no explicit security policy or incident response information is publicly available, which could be improved to enhance trust. Overall, the site is professional and credible but requires urgent security upgrades to protect visitors and maintain reputation.

T

Tait Communications

taitradio.com

0

Tait Communications is a mature and established enterprise specializing in critical communication solutions for public safety, transportation, and utility sectors. With over 50 years of experience and a global presence headquartered in New Zealand, the company offers a comprehensive portfolio of products including broadband radios, P25 and DMR radios, network management software, and professional services such as implementation and training. The website reflects a professional and consistent brand image with rich content tailored to mission-critical communication users. Technically, the website is built on the HubSpot CMS platform, leveraging modern JavaScript libraries such as Splide.js and Swiper.js for interactive elements, and integrates Google Analytics 4 and Google Tag Manager for analytics and marketing. Hosting and CDN services are provided by Cloudflare, enhancing availability and security. However, the site currently lacks a valid SSL certificate and proper HTTPS configuration, which is a critical security concern. Security posture is weakened by the absence of valid TLS protocols and session resumption features, although some security headers like HSTS and Content Security Policy are present. Privacy compliance is supported by a comprehensive privacy policy and terms of service, but the lack of a cookie consent mechanism is a gap given the use of tracking technologies. Contact information is clearly provided with physical addresses and phone numbers, and social media presence is active on major platforms. Overall, while the business and content quality are excellent, the security deficiencies notably the missing SSL certificate, reduce the trustworthiness and security score. Strategic remediation of SSL and HTTPS issues, along with enhanced privacy controls, will significantly improve the website's security and compliance posture.

ZEGNA.com is the official online store for the luxury menswear brand ZEGNA, targeting discerning male customers seeking high-end designer clothing and accessories. The website offers a comprehensive product catalog with a strong focus on user experience, supported by modern web technologies such as Vue.js and Akamai CDN for performance and scalability. The site integrates multiple marketing and analytics tools to optimize customer engagement and business intelligence. However, a critical security gap exists due to the absence of a valid SSL certificate, which undermines the security posture and trustworthiness of the platform. Legal and privacy policies are well documented and accessible, indicating good compliance with GDPR and related regulations. Overall, the site presents a professional and trustworthy e-commerce experience but requires urgent remediation of its SSL/TLS configuration to meet modern security standards.

C

CCL Industries

cclind.com

0

CCL Industries is a global leader in specialty packaging and the largest label company worldwide, with headquarters in Canada and the USA. The company operates across multiple sectors including home & personal care, premium food & beverage, healthcare, automotive, and security, supported by subsidiaries such as Avery, Checkpoint, Innovia, CCL Design, and CCL Secure. Their website reflects a mature enterprise with comprehensive investor relations, sustainability initiatives, and corporate governance information. Technically, the site is built on WordPress with common plugins and libraries, hosted behind Cloudflare, but suffers from a lack of a valid SSL certificate, impacting security posture. The absence of HTTPS and security headers, along with no visible cookie consent mechanism, represents significant security and privacy compliance gaps. Overall, the site is professional and content-rich but requires urgent improvements in security configuration and privacy compliance to align with best practices.

X

XOLUTO

xoluto.at

0

XOLUTO is a small technology consulting firm based in Austria, specializing in digital strategy, sales and service process optimization, and AI strategy enablement. The website presents a professional and consistent brand image focused on delivering sustainable digital solutions to businesses. Technically, the site is built on a modern Angular framework and hosted on a provider associated with the domain's nameservers. However, the website lacks a valid SSL certificate and does not serve content over HTTPS, which significantly impacts its security posture. Security headers are minimal, and no advanced security practices are observed. Privacy compliance is poor, with no privacy or cookie policies detected, and no GDPR compliance indicators. Contact information is limited to phone icons and a contact page link, with no explicit emails or phone numbers visible. Overall, the site demonstrates moderate business credibility but requires urgent improvements in security and privacy to enhance trust and compliance.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

R

Rohde & Schwarz GmbH & Co. KG

rohde-schwarz.com

0

Rohde & Schwarz GmbH & Co. KG is a well-established global technology company specializing in test and measurement, technology systems, networks, and cybersecurity solutions. With a history spanning over 90 years and a strong family ownership model, the company serves industries, governments, and public authorities worldwide. Their product and service portfolio includes advanced measurement equipment, cybersecurity services, and technology systems designed to ensure security and connectivity. The website reflects a mature, professional enterprise with consistent branding and comprehensive content targeting technology professionals and institutional clients. Technically, the website employs modern JavaScript libraries such as RequireJS, Adobe Launch for tag management, and accessibility tools like UserWay. The site is well-structured with good SEO and accessibility practices, and it is mobile-optimized. However, a critical security gap is the absence of a valid SSL/TLS certificate and HTTPS support, which severely impacts the security posture and user trust. Security-wise, while the site implements several security headers and cookie protections, the lack of HTTPS and TLS protocols is a major vulnerability. No incident response or vulnerability disclosure information is publicly available, which could be improved. Privacy and cookie policies are comprehensive and GDPR compliant, reflecting good privacy practices. Overall, the website is professional and trustworthy from a business perspective but requires urgent security improvements to enable HTTPS and strengthen its security posture. Strategic recommendations include immediate SSL certificate deployment, enabling modern TLS protocols, and enhancing security header configurations to protect users and data integrity.

I

ICON Wirtschaftstreuhand GmbH

icon.at

0

ICON Wirtschaftstreuhand GmbH is a medium-sized Austrian professional services firm specializing in tax consulting, auditing, and international tax expertise. The company holds a strong market position, being ranked first in sustainability and machinery & plant engineering consulting by INDUSTRIEMAGAZIN in 2025. Their business model focuses on delivering comprehensive tax and audit services through nine specialized service lines supported by a global network and membership in WTS Global. The website reflects a professional and consistent brand image targeting businesses and private clients with international tax needs. Technically, the site is built on TYPO3 CMS, served via Apache and Amazon CloudFront CDN, and uses modern web technologies including Font Awesome and Google Tag Manager. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security shortcoming despite the presence of strong security headers and a content security policy. Privacy and cookie policies are present and GDPR compliant, with consent mechanisms implemented. Contact information is comprehensive and clearly presented. Overall, the site is well-designed and content-rich but requires urgent security improvements to enable HTTPS and strengthen its security posture.

M

Mavie Work GmbH

consentiv.com

0

Mavie Work GmbH operates as a healthcare-focused B2B service provider specializing in comprehensive corporate health programs, including mental health support, physical wellness, and coaching services primarily targeting Austrian and German companies. The company has a mature market presence with over 15 years of domain registration and 20 years of operational experience, supported by multiple regional locations and digital platforms. Technically, the website leverages modern frameworks such as Next.js and Contentful CMS hosted on Google infrastructure, indicating a contemporary digital maturity. However, the absence of a valid SSL certificate and HTTPS implementation represents a critical security vulnerability that undermines user trust and data protection. Privacy compliance is partially addressed with a privacy policy present but lacks visible cookie consent mechanisms. Overall, the website demonstrates good business credibility and content quality but requires urgent security improvements to meet industry standards and regulatory requirements.

P

Pacific National

pacificnational.com.au

0

Pacific National is Australia's largest private rail freight operator, providing comprehensive rail logistics services across the country. The company emphasizes safety, customer service, and operational excellence, serving a broad range of industries with extensive rail assets including locomotives and wagons. Their market position is strong as a trusted logistics partner with a large customer base and national presence. Technically, the website is built on WordPress hosted on WP Engine with Cloudflare CDN, utilizing common web technologies such as jQuery, Bootstrap, and Owl Carousel. The site is moderately optimized for performance and mobile responsiveness, with good SEO practices and structured data implemented for enhanced search visibility. From a security perspective, the site currently lacks a valid SSL certificate and does not support HTTPS, which is a critical vulnerability. Security headers are minimal, and advanced protections like HSTS and OCSP stapling are not enabled. While some security best practices like HttpOnly and Secure cookie flags are set, the overall security posture is weak and requires urgent improvement. Overall, the website is professional and content-rich but suffers from significant security shortcomings that impact user trust and compliance. Strategic improvements in SSL/TLS deployment and privacy compliance mechanisms are recommended to enhance security and regulatory adherence.

The website noda.at is currently inaccessible due to a DNS resolution error as indicated by the Cloudflare error page. This prevents access to any actual business content or services. The site lacks a valid SSL certificate and does not serve content over HTTPS, severely impacting security posture. No privacy, cookie, or terms of service policies are present, and no contact information or business details are available. The technical infrastructure relies on Cloudflare for DNS and security services but is misconfigured or incomplete, resulting in the site being blocked. Overall, the site is not operational and presents significant security and compliance gaps.

L

LGT Private Banking

lgt.com

0

LGT Private Banking is a well-established global private bank with over 100 years of history, specializing in wealth management and investment solutions for wealthy clients. The website reflects a professional and consistent brand image, targeting high-net-worth individuals and financial intermediaries. The business model focuses on private banking services, investment solutions, and sustainability-oriented wealth management. Technically, the website uses modern web technologies and is hosted on a reputable CDN provider, but suffers from critical SSL/TLS misconfiguration, impacting security and user trust. Security headers are well implemented, but the lack of HTTPS is a major vulnerability. Privacy compliance is partially met with a clear privacy policy but lacks a cookie consent mechanism despite tracking scripts. Overall, the website is content-rich, professionally designed, and trustworthy, but requires urgent security improvements.

B

BORBET GmbH

borbet-austria.at

0

BORBET GmbH is a large, internationally oriented family-owned manufacturer specializing in aluminum alloy wheels for the automotive industry and specialist trade. The company offers a comprehensive product range including a 3D wheel configurator and operates both B2B and B2C sales channels. The website reflects a professional and consistent brand presence with clear navigation and relevant content targeting automotive customers and partners. Technically, the site uses a custom CMS with common JavaScript libraries but lacks modern SSL/TLS security, which is a critical vulnerability. Privacy compliance is well addressed with a cookie consent mechanism and clear privacy policy. Contact information and social media presence enhance business credibility. However, the absence of a valid SSL certificate and TLS protocols significantly undermines the security posture, exposing users to risks. Strategic improvements in SSL deployment and security best practices are urgently recommended.

S

Semantic Web Company

semantic-web.com

0

Semantic Web Company is a technology provider specializing in semantic AI solutions, including text mining, recommender systems, and data fabric platforms. Headquartered in Austria with subsidiaries in the US and UK, the company offers the PoolParty Semantic Suite as its flagship product. The website is professionally designed using WordPress with modern plugins and SEO optimizations, targeting businesses seeking advanced AI-driven knowledge management solutions. However, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security concern. Security headers are partially implemented, but TLS protocols are not enabled, exposing the site to potential risks. Privacy and cookie policies are present and GDPR compliant, with a functional consent mechanism. Contact is primarily via a web form, with no direct emails or phone numbers publicly listed. The domain registration data aligns well with the business claims, indicating legitimacy. Overall, the site demonstrates good business credibility and technical maturity but requires urgent security improvements.

E

Excellence AG

excellence.ag

0

Excellence AG is an international technology partner specializing in engineering and IT services with a strong focus on green technology and sustainability. The company operates multiple offices across Germany and the Netherlands, offering green tech job opportunities and supporting sustainable projects in energy and transportation sectors. Their website is professionally designed, content-rich, and targets professionals interested in green technology careers and partnerships. Technically, the website is built on modern frameworks such as Nuxt.js and Vue.js, integrated with Google Tag Manager and social login plugins for LinkedIn and Xing. The hosting appears to be on AWS infrastructure. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security shortfall. Performance metrics are not available, but the site shows good mobile optimization and SEO practices. From a security perspective, the absence of HTTPS and modern TLS protocols significantly lowers the security posture. No advanced security headers or incident response policies are evident. Privacy compliance is partially met with a comprehensive privacy policy and GDPR consent statements on forms, but no cookie consent mechanism is detected. Business credibility is supported by ISO 9001 certification, multiple office locations, and professional content. Overall, the website presents a trustworthy and professional business front but requires urgent security improvements, especially enabling HTTPS and enhancing security headers, to protect user data and improve trustworthiness. Strategic recommendations include SSL implementation, security header enhancements, and adding explicit cookie consent mechanisms to align with privacy regulations.

S

System Industrie Electronic GmbH

sie.at

0

System Industrie Electronic GmbH (S.I.E) is a market-leading specialist in the development and manufacturing of embedded and cyber-physical systems. The company offers a comprehensive portfolio of services including ideation, engineering, production, and quality lifecycle management, targeting industrial clients requiring customized embedded solutions. The website reflects a mature digital presence with professional design, clear navigation, and multilingual support. Technically, the site is built on WordPress with modern plugins and integrations such as Google Analytics, Google Tag Manager, and OneSignal push notifications. However, the security posture is weakened by the absence of a valid SSL certificate and disabled TLS protocols, which poses a significant risk to data confidentiality and user trust. Privacy compliance is well addressed with comprehensive cookie consent mechanisms and GDPR-aligned privacy policies. Overall, the business demonstrates strong credibility and market positioning, but urgent improvements in SSL/TLS configuration are necessary to enhance security and trust.

The website plantweave.com is currently inaccessible due to a DNS resolution error as indicated by the Cloudflare error page. No business content, contact information, or policies are available on the site, preventing any meaningful analysis of the company's offerings or market position. The site is protected by Cloudflare but lacks a valid SSL certificate and modern TLS protocols, resulting in a poor security posture. The absence of privacy and cookie policies further indicates non-compliance with common data protection standards. Overall, the website's digital presence is minimal and blocked, severely limiting trust and credibility assessments.

T

TECHNOMA Technology Consulting & Marketing GmbH

technoma.at

0

TECHNOMA Technology Consulting & Marketing GmbH is an Austrian consulting company specializing in environmentally friendly mobility solutions, particularly in rail and electromobility sectors. Established in 1995, it serves an international clientele with services including e-bus consulting, management systems, procurement, authorizations management, research projects, and system engineering. The company maintains a professional online presence with a well-structured website showcasing its services and client partnerships. Technically, the website is built on WordPress with common plugins and libraries, but lacks HTTPS, which is a critical security shortfall. The absence of SSL/TLS encryption exposes users to potential data interception risks. Privacy compliance is partially addressed with a cookie consent banner and a privacy policy page, though the latter is in German and may limit accessibility for international users. Overall, the website demonstrates good business credibility but requires urgent security enhancements to protect user data and improve trust.

Ö

Österreichische Staatsdruckerei

staatsdruckerei.at

0

The Österreichische Staatsdruckerei (Austrian State Printing House) is a well-established government-related entity specializing in secure identity document production and digital identity solutions. With over 200 years of experience, it holds a strong market position internationally, offering tailored ID products and digital government services. The website reflects a mature digital presence with professional design, comprehensive content, and strong branding consistency. Technically, the site is built on WordPress with modern SEO and analytics tools, but suffers from a critical SSL/TLS misconfiguration that undermines its security posture. Privacy compliance is robust, featuring detailed policies and a consent mechanism. Overall, the business credibility is high, supported by multiple certifications and active social media engagement.

K

kronehit

kronehit.at

0

kronehit.at is an Austrian online radio platform delivering streaming media content primarily to German-speaking audiences. The website focuses on radio and video streaming services supported by advertising, leveraging technologies such as Cloudflare CDN, Usercentrics for cookie consent, Firebase Cloud Messaging for push notifications, and Google Analytics for tracking. The site is positioned as a recognized media outlet in Austria with a medium-sized operational scale. Technically, the site uses modern JavaScript libraries and streaming players but suffers from slow performance and basic mobile optimization. Security posture is weak due to the absence of a valid SSL certificate and incomplete TLS configuration, despite the presence of multiple security headers. Privacy compliance is partial, with cookie consent implemented but no visible privacy policy or terms of service. Overall, the site demonstrates moderate business credibility but requires significant improvements in security and privacy transparency to enhance trust and compliance.

E

ERRP | Expired Registration Recovery Policy

pressel.com

0

The website pressel.com currently serves as a placeholder page indicating that the domain registration has expired and is pending renewal or deletion. It provides multilingual notices about the Expired Registration Recovery Policy but does not offer active business services or detailed company information. The site uses minimal technical infrastructure, including an nginx server and Google Analytics for tracking, but lacks modern security features such as HTTPS, SSL certificates, and DNSSEC. The absence of contact information, privacy compliance mechanisms, and security policies indicates a low level of digital maturity and business readiness. Overall, the site is not operational for business purposes and presents significant security and compliance gaps.

L

Life and Career Design Consulting GmbH

lifeandcareer.eu

0

Life and Career Design Consulting GmbH is a small Austrian consulting firm specializing in career development and interim management services. Their website, built on Squarespace, offers bilingual content in German and English, targeting professionals seeking coaching, training, and assessment services. The company maintains a professional online presence with clear contact information and active social media channels. Technically, the website uses standard Squarespace infrastructure and Typekit fonts but suffers from slow load times and lacks a valid SSL certificate, which is a critical security concern. The absence of privacy and terms of service policies indicates gaps in compliance. Security posture is weak due to missing HTTPS and security headers, exposing the site to potential risks. Overall, the business appears legitimate and consistent with its domain registration data, but improvements in security and privacy compliance are necessary to enhance trust and user safety.

Diakoniewerk is a well-established non-profit organization operating in the social and healthcare sectors across multiple Austrian regions and internationally. With a workforce of approximately 4,000 employees, it provides a broad range of services including senior care, disability support, education, integration, and community development. The website reflects a mature digital presence with comprehensive content, active recruitment, and engagement through social media and newsletters. Technically, the site is built on the Ibexa Open Source CMS and integrates modern marketing and analytics tools, though performance data is unavailable. Security posture is weak due to the absence of HTTPS, which poses a critical risk. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site demonstrates strong business credibility but requires urgent security improvements.

C

Clarivate

unycom.com

0

Clarivate's Unycom website presents a comprehensive corporate IP lifecycle management software solution targeted at mid-size to global corporations. The site is professionally designed with rich content, clear navigation, and extensive integration of analytics and marketing tools, reflecting a mature digital presence. However, the absence of a valid SSL certificate and HTTPS support is a critical security vulnerability that undermines user trust and data protection. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. The WHOIS data confirms domain legitimacy and corporate ownership, reinforcing business credibility. Overall, the site demonstrates strong business positioning and technical maturity but requires urgent security improvements to meet modern standards.

C

Campofrío Food Group, S.A.U

campofrio.es

0

Campofrío Food Group, S.A.U is a well-established Spanish company specializing in the production and commercialization of meat products. It holds a strong market position in Spain with a diverse portfolio of brands and products, focusing on quality, innovation, and sustainability. The website demonstrates a high level of content quality, with detailed product information, recipes, and corporate social responsibility initiatives. Technically, the site uses modern frameworks such as Next.js and Drupal CMS, ensuring good mobile optimization and user experience. However, the absence of a valid SSL certificate significantly impacts the security posture, reducing the overall security score. Privacy policies and cookie consent mechanisms are comprehensive and GDPR compliant, reflecting a mature approach to data protection. The company is part of the larger Sigma Alimentos group, with several subsidiary brands and dedicated service platforms. Overall, the website is professional and trustworthy but requires urgent attention to its SSL configuration to enhance security and user trust.

The website flyniki.com serves as an informational portal for NIKI Luftfahrt GmbH, a defunct airline that ceased operations in December 2017. The site primarily informs visitors about the suspension of flight services and directs affected passengers to their travel agencies and an external insolvency information page. The business focus was on passenger air transportation, but the airline is no longer operational. Technically, the website is minimalistic, running on an Apache server with no modern web technologies or CMS detected. The site lacks HTTPS, exposing visitors to security risks. There are no privacy or cookie policies, no contact information, and no forms, indicating limited digital maturity and user engagement capabilities. Security posture is weak due to the absence of SSL/TLS, security headers, and DNS security features. Overall, the site reflects a legacy presence rather than an active business platform.

F

Fuhrparkverband Austria

fuhrparkverband.at

0

Fuhrparkverband Austria (FVA) is a specialized Austrian platform dedicated to fleet management information and networking. It serves as an independent voice and competence partner for fleet operators, companies, and policymakers in Austria. The organization offers membership-based services including events, seminars, newsletters, and surveys to foster knowledge exchange and professionalization in corporate mobility management. The website reflects a medium-sized organization with a clear focus on the transportation sector and a strong presence in Austria. Technically, the site is built on WordPress with modern plugins and SEO tools, but lacks HTTPS, which is a critical security gap. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. The site integrates Google Analytics and Mailchimp for marketing and analytics purposes. Social media presence is robust across major platforms. Overall, the site is professional and content-rich but requires urgent security improvements to enable HTTPS and modern TLS protocols.

N

Next Research GmbH

nextresearch.org

0

Next Research GmbH is a specialized contract research organization (CRO) based in Austria, focusing on clinical research, scientific consulting, and market analytics primarily in the healthcare sector, especially interventional radiology. The company leverages a decade of experience and strong ties to the CIRSE medical society to deliver tailored research services. Their website presents a professional image with comprehensive service descriptions, a detailed team section, and clear contact options including direct scheduling links. Technically, the site is built on WordPress with modern plugins for cookie consent and analytics, but suffers from a critical lack of a valid SSL certificate, impacting security and trust. Privacy policies are thorough and GDPR compliant, with user-friendly cookie consent mechanisms and opt-out options for analytics tracking. Overall, the business appears credible and well-positioned in its niche, but the absence of HTTPS is a significant security gap.

S

Ski Lodge Jaktman

skilodgejaktman.com

0

Ski Lodge Jaktman is a small hospitality business located in Bad Gastein, Austria, specializing in ski holiday accommodation and related tourism services. The website positions itself strongly in the local market, boasting the number one ranking on Tripadvisor for eight consecutive years, which indicates a solid reputation and customer satisfaction. The business offers rooms, apartments, ski equipment rental discounts, and packages for skiing and other alpine activities, targeting winter sports enthusiasts and tourists visiting the Gastein Valley. Technically, the website is hosted on IONOS SE infrastructure using the IONOS MyWebsite CMS platform. The site uses Apache server technology and includes JavaScript libraries such as jQuery and lightbox plugins for image galleries. However, the website lacks a valid SSL/TLS certificate and does not serve content over HTTPS, which is a critical security and trust issue. Performance is slow, and mobile optimization and accessibility are basic. SEO is also basic with some meta tags but no advanced structured data or JSON-LD. From a security perspective, the site has minimal security headers and no active HTTPS, which severely limits its security posture. The Content Security Policy is set to report-only mode, and the X-XSS-Protection header is disabled. No incident response or vulnerability disclosure policies are published. The domain is mature and registered consistently with the business location, but the lack of HTTPS and privacy policies are significant compliance and security gaps. Overall, the website is functional and provides good business information and user experience but requires urgent improvements in security, privacy compliance, and technical modernization to enhance trust and protect user data.

H

Herz Jesu Krankenhaus GmbH

kh-herzjesu.at

0

Herz Jesu Krankenhaus GmbH is a medium-sized, non-profit orthopaedic specialist hospital located in Vienna, Austria, operating under the parent company Vinzenz Kliniken Wien. The hospital offers specialized healthcare services in orthopaedics, rheumatology, osteology, remobilisation, and operates the largest pulmonological sleep laboratory in Vienna. The website targets patients, visitors, medical professionals, and job seekers, providing comprehensive information about services, events, and career opportunities. The hospital emphasizes professional, personal, and compassionate care with external quality certifications such as the 'Audit Beruf und Familie'. Technically, the website is built on TYPO3 CMS with Bootstrap and jQuery frameworks, delivering a responsive and well-structured user experience. However, the site suffers from slow loading times and lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security deficiency. The cookie consent mechanism and privacy policy are well implemented, reflecting good privacy compliance. Social media integration and external partnerships are clearly presented, enhancing the hospital's digital presence. From a security perspective, the absence of HTTPS and modern TLS protocols severely impacts the security posture, exposing users to potential risks. No advanced security headers or incident response information are found, indicating room for improvement in security maturity. The WHOIS data confirms the domain's legitimacy and consistency with the hospital's business claims. Overall, the website is professional and content-rich but requires urgent security enhancements, particularly SSL/TLS implementation, to protect user data and improve trust. Performance optimization and additional security best practices are recommended to elevate the site's technical and security standards.

Security assessment completed with an overall score of 0/100 (unknown risk). 4 critical issues require immediate attention. Total of 29 security findings identified across all modules.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

GMS GOURMET GmbH is a leading Austrian company specializing in community catering, private label food production, and gastronomy services with over 45 years of experience. The company serves a broad audience including kindergartens, schools, workplaces, senior homes, and event catering, positioning itself as the market leader in Austria's community gastronomy sector. Their business model focuses on delivering high-quality, healthy, and sustainable food solutions tailored to diverse customer needs. The website reflects a mature digital presence built on TYPO3 CMS, integrating modern marketing and consent management tools such as Google Tag Manager and Cookiebot. However, a critical security gap exists due to the absence of HTTPS, exposing users to potential risks. Privacy compliance is well addressed with clear policies and consent mechanisms. The company demonstrates strong trust signals through multiple certifications, sustainability initiatives, and family-friendly employer awards.

A

AMETEK Grabner Instruments

grabner-instruments.com

0

AMETEK Grabner Instruments is a medium-sized business specializing in the development and manufacturing of automatic petroleum testing equipment, including vapor pressure testers, flashpoint testers, and fuel analyzers. The company operates globally with a strong market position as an innovator and thought leader in fuel analysis technology. Their website reflects a professional business model focused on manufacturing, sales, training, and technical support services for the petroleum and energy sectors. Technically, the website uses ASP.NET technology with JavaScript libraries and is hosted on AWS infrastructure. While the site is mobile optimized and has good content quality, it suffers from slow load times and lacks a valid SSL certificate, which impacts security posture significantly. Privacy compliance is well addressed with comprehensive cookie and privacy policies and a consent mechanism. Security best practices are partially implemented but require urgent improvements, especially regarding HTTPS and security headers. Overall, the domain registration data aligns well with the business claims, indicating a trustworthy and legitimate entity.

W

Wittur Group

wittur.com

0

Wittur Group operates as a leading global supplier of elevator components, offering a broad portfolio including doors, cars, drives, safety devices, and modernization solutions. The company targets elevator manufacturers, suppliers, and service providers, positioning itself as a trusted B2B partner in the transportation sector. Their website reflects a mature digital presence with comprehensive product information, customer service tools, and compliance documentation. Technically, the site uses a modern tech stack including jQuery, Bootstrap, and analytics platforms like Google Analytics and Matomo. However, the absence of a valid SSL certificate and lack of security headers represent significant security weaknesses that could impact user trust and data protection. Privacy compliance is well addressed with clear cookie consent mechanisms and GDPR-aligned policies. Overall, the website is professional and content-rich but requires urgent security improvements to meet industry best practices.

T

TAC | The Assistant Company

tac.eu.com

0

TAC | The Assistant Company is a medium-sized technology provider specializing in all-in-one business software solutions tailored for the hospitality and wellness sectors, including spas, fitness clubs, and thermal baths. Their product suite includes Reservation Assistant, Club Assistant, and Entry Assistant software, complemented by automated wristband issuance and online webshop capabilities. The company has a solid market position supported by long-term client relationships and partnerships with notable industry players. Their website reflects a professional and consistent brand image with good content quality and user experience, targeting businesses seeking integrated software solutions to streamline operations. Technically, the website is built on a modern WordPress CMS platform using PHP 8.1, nginx, and popular plugins such as WPBakery Page Builder and Slider Revolution. The site employs lazy loading for images and integrates marketing and analytics tools like Google Analytics and Sendinblue. Hosting is managed by internex.at, and the site demonstrates good SEO and mobile optimization practices. However, performance is moderate, and accessibility features are basic. From a security perspective, the site implements several important HTTP security headers and a cookie consent mechanism compliant with GDPR. Unfortunately, the SSL/TLS configuration is critically lacking, with no valid SSL certificate installed, no TLS protocols enabled, and malformed CAA DNS records. This significantly reduces the security posture and exposes the site to risks associated with unencrypted traffic. No explicit security policies or incident response information are found. Overall, TAC presents a trustworthy and professional business with strong privacy compliance and marketing transparency. The primary risk lies in the absence of HTTPS, which should be urgently addressed to protect user data and maintain trust. Strategic recommendations include immediate SSL certificate installation, enabling modern TLS protocols, and improving SSL configuration to enhance security and user confidence.

The website telefonicaando2careers.com is currently inaccessible in terms of meaningful content. It serves a frameset that redirects users to a different domain (ww17.telefonicaando2careers.com) without providing any visible content, metadata, or business information. The SSL certificate is invalid or missing, resulting in no HTTPS support, which is a critical security flaw. The site includes New Relic Browser monitoring scripts indicating some level of performance and analytics tracking, but lacks essential privacy, cookie, and contact policies. Overall, the site appears to be either parked, under construction, or blocked by security mechanisms, severely limiting its usability and trustworthiness.

OeKB Gruppe is a central financial service provider based in Austria, supporting the Austrian economy with a broad range of services including export financing, capital market services, energy market services, development financing, and tourism services. The website presents a professional and comprehensive overview of their offerings, targeting Austrian businesses, investors, and financial institutions. The company holds a strong market position as a key financial institution in Austria. Technically, the website uses a custom CMS with JavaScript and Bootstrap frameworks, but suffers from slow load times and lacks modern security configurations such as a valid SSL certificate and TLS protocols. Mobile optimization and SEO are good, but accessibility is basic. The website lacks cookie consent mechanisms and some security best practices. Security posture is weak due to the absence of HTTPS, no security headers, and missing email authentication records like DMARC. DNSSEC is disabled and CAA records are malformed. These issues pose significant risks to user data confidentiality and trust. Overall, the website is content-rich and professionally designed but requires urgent security improvements to protect users and comply with modern standards. Strategic recommendations include implementing HTTPS, enabling security headers, and adding privacy and cookie consent mechanisms.

M

Mark Heath

eventsassociate.com

0

Events Associate is a small education-focused business specializing in bespoke language and professional training services, including Business English, professional development, educational training for children, and translation work. The company targets non-native English speakers and organizations primarily in Austria, Spain, and Europe. The website is hosted and managed via IONOS MyWebsite, reflecting a modest technical infrastructure with basic digital maturity. The site lacks HTTPS, which significantly undermines security and user trust. Security headers are partially implemented but insufficient without SSL/TLS. Privacy and cookie policies are absent, indicating non-compliance with GDPR and related regulations. Contact information is clearly provided, but no forms or advanced interaction mechanisms are present. Overall, the website presents basic content and functionality with room for significant improvement in security, compliance, and technical sophistication.

A

Austria Wirtschaftsservice Gesellschaft mbH

awsg.at

0

Austria Wirtschaftsservice Gesellschaft mbH (aws) is the official Austrian federal promotional bank dedicated to fostering innovation and economic growth within Austria. The website serves as a comprehensive portal for Austrian entrepreneurs and companies seeking funding, subsidies, and advisory services. It offers a broad range of programs targeting startups, SMEs, and established companies, with a strong emphasis on energy, sustainability, and internationalization. The site is well-branded, professionally designed, and provides clear navigation and rich content in German, targeting primarily Austrian businesses and innovators. Technically, the website is built on TYPO3 CMS and uses Apache as the web server. It integrates Matomo analytics for privacy-compliant user tracking and employs modern web technologies including CSP and various security headers. However, the SSL/TLS configuration is currently invalid or missing, which is a critical security concern. Performance metrics are not available, but the site appears mobile-optimized and accessible. From a security perspective, while several security headers are implemented, the lack of a valid SSL certificate and disabled TLS protocols significantly reduce the security posture. No explicit security or incident response policies are found on the site. Privacy compliance is strong, with a clear cookie consent mechanism and a comprehensive privacy policy in place, aligned with GDPR requirements. Overall, the site is a credible and professional government service platform with excellent content and user experience but requires urgent remediation of its SSL/TLS configuration to ensure secure communications and improve trustworthiness.

A

Achtzehn Grad GmbH

digitalwerk.agency

0

Achtzehn Grad GmbH is a full-service creative agency based in Vienna, Austria, specializing in branding, digital marketing, and communication services. The company positions itself as a premium agency focused on uncovering hidden potential in brands and delivering innovative marketing solutions. Their target audience includes businesses in German-speaking countries seeking comprehensive marketing and creative services. The website reflects a high level of professionalism with excellent design, clear navigation, and rich content, including case studies and a blog. Technically, the site leverages modern JavaScript libraries such as GSAP and Swiper, is hosted on Webflow with Cloudflare CDN, and integrates bot protection on forms. However, a critical security issue is the absence of a valid SSL certificate, resulting in no HTTPS support and no modern TLS protocols, which significantly impacts the security posture. Privacy compliance is good with a comprehensive privacy policy and terms of service, but no explicit cookie consent mechanism was detected. Overall, the site is trustworthy and professionally managed but requires urgent SSL/TLS remediation to ensure secure user interactions.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

G

GDV Group

gdv.com.mx

0

GDV Group is a well-established market and consumer intelligence consultancy based in Mexico with over 50 years of experience. The company offers research and consulting services aimed at helping clients make informed business decisions. Their digital presence is built on WordPress with the Divi theme, leveraging common plugins and tracking tools such as Google Tag Manager and Facebook Pixel. While the website content is professionally presented and navigation is clear, the absence of a valid SSL certificate is a critical security vulnerability that undermines user trust and data protection. Privacy and cookie policies are present but basic, with no visible terms of service or incident response policies. Overall, the business appears credible and consistent with its domain registration data, but security improvements are urgently needed.

L

Leviton Manufacturing Co., Inc.

brand-rex.com

0

Leviton Manufacturing Co., Inc. operates a comprehensive and professionally designed website offering a wide range of electrical and lighting control products targeting residential, commercial, and industrial markets. The company positions itself as a leader in home electrical safety with over 115 years of history, providing products such as lighting controls, wiring devices, networking solutions, electric vehicle charging, and submetering. The website demonstrates a mature digital presence with extensive product catalogs, market segmentation, and partner integrations. Technically, the site is built on Adobe Experience Manager with modern marketing and analytics tools integrated, ensuring good user experience and SEO. However, a critical security gap exists due to the absence of a valid SSL certificate and disabled TLS protocols, significantly impacting the security posture. Privacy and cookie policies are well implemented with consent mechanisms, reflecting good compliance practices. Overall, the site is trustworthy and professional but requires urgent security improvements to protect user data and maintain credibility.

M

M.Tech Products Pte Ltd

mtechpro.com

0

M.Tech Products Pte Ltd is a leading distributor and solutions provider specializing in cyber security and network performance solutions across the Asia-Pacific region. The company maintains a strong market position with presence in 14 countries, 24 offices, and a reseller network exceeding 2,000 partners. Their business model focuses on partnering with market-leading vendors to deliver integrated security and network performance management solutions, complemented by professional services and training offerings. The website reflects a professional and consistent brand image with good content quality and clear navigation tailored for their target audience of enterprises and resellers. Technically, the website is built on WordPress using common libraries such as jQuery and Owl Carousel, with Gravity Forms for data collection. While the site is mobile optimized and SEO friendly, performance appears slow based on provided data. Critically, the site lacks a valid SSL certificate and proper HTTPS configuration despite having security headers like HSTS, which severely impacts its security posture. Analytics usage is moderate with Google Analytics implemented, but no cookie consent mechanism or explicit cookie policy was found. From a security perspective, the site demonstrates basic best practices through HTTP security headers but suffers from the absence of HTTPS and modern TLS protocols, exposing users to potential risks. No incident response or vulnerability disclosure information is available, and no security certifications are displayed. The domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness. Overall, the website is functional and professional but requires urgent security improvements, especially regarding SSL/TLS implementation, to protect user data and enhance trust. Privacy compliance is partially met with a comprehensive privacy policy but lacks cookie consent mechanisms. Strategic recommendations include securing the website with valid certificates, enabling modern security protocols, and enhancing privacy and incident response disclosures.