Security Directory

T

TEST-FUCHS GmbH

test-fuchs.com

0

TEST-FUCHS GmbH is a well-established manufacturing company specializing in test systems and aerospace systems, with a history dating back to 1946. The company has grown into a medium-sized enterprise with a global presence and over 600 employees. Their website reflects a professional corporate identity with clear navigation and relevant business content targeting industrial B2B clients. Technically, the website is built on Drupal CMS with modern JavaScript libraries, but lacks HTTPS security, which is a significant risk. The absence of a valid SSL certificate and modern TLS protocols exposes visitors to potential data interception and undermines trust. Privacy compliance is addressed with a cookie consent mechanism and a basic GDPR-compliant privacy policy. However, no explicit security policies or incident response contacts are published, and no vulnerability disclosure mechanisms are present. Overall, the website is functional and professional but requires urgent security improvements to protect users and enhance credibility.

Accenture Interactive's website for Accenture Song presents a mature, enterprise-level digital presence focused on delivering technology-powered creative and marketing services globally. The company positions itself as a leader in customer experience transformation, blending creativity and technology to drive business growth. The site is rich in multimedia content, well-structured navigation, and supports multiple languages and regions, reflecting a global market approach. Technically, the site leverages Adobe Experience Manager CMS, AWS CloudFront hosting, and integrates advanced analytics and consent management tools. However, a critical security gap exists due to the absence of a valid SSL certificate and lack of HTTPS enforcement, which undermines the otherwise strong security headers and policies in place. Privacy compliance is robust with clear privacy and cookie policies and consent mechanisms. Overall, the site demonstrates high professionalism and trustworthiness but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

Schrack Technik GmbH is a well-established Austrian company founded in 1920, specializing in the distribution and provision of electrical products and solutions across energy technology, building technology, industrial applications, networking, and lighting. The company operates a comprehensive online shop and physical stores, targeting electricians and industrial clients primarily in Austria and Central/Eastern Europe. Their market position is strong, supported by a broad product portfolio and personal customer service. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries and integrates a consent management platform for privacy compliance. However, the security posture is weak due to the absence of a valid SSL certificate and lack of HTTPS support, which is a critical vulnerability. Privacy and cookie policies are well implemented, and the site shows good business credibility with ISO certification and trust marks. Overall, the website is professional and content-rich but requires urgent security improvements.

D

delfortgroup AG

delfortgroup.com

0

delfortgroup AG is a mature, enterprise-level global manufacturer specializing in specialty and functional papers, serving industries such as packaging, tobacco, battery separators, and more. The company emphasizes sustainability and innovation, supported by a comprehensive digital presence including detailed product catalogs, sustainability reports, and career opportunities. Technically, the website is built on a modern WordPress CMS with Elementor and Yoast SEO, leveraging various JavaScript libraries and Google Tag Manager for analytics. However, the absence of a valid SSL certificate and lack of HTTPS enforcement represent critical security weaknesses. Security headers are present but insufficient without proper TLS configuration. The domain is well-established with consistent WHOIS data, supporting business legitimacy. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the website is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

B

BearingPoint

bearingpoint.com

0

BearingPoint is a global management and technology consultancy with European roots, operating in over 70 countries with 13,000 employees. The company offers a broad range of consulting services, products, and capital advisory, targeting enterprises across multiple industries including technology, finance, manufacturing, and government sectors. The website reflects a mature digital presence with professional design, comprehensive content, and clear navigation tailored to enterprise clients. Technically, the site uses Apache server technology, modern JavaScript frameworks, and cookie consent management tools, but lacks a valid SSL certificate and has disabled TLS protocols, which significantly impacts its security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is trustworthy and professional but requires urgent security improvements to enable HTTPS and modern TLS protocols.

A

Avanade Inc.

avanade.com

0

Avanade Inc. is a leading global provider of cloud, AI, and advisory services focused on the Microsoft ecosystem. With over 25 years of experience and a strong market position as the world’s leading Microsoft expert, Avanade serves enterprise clients across multiple industries including technology, energy, banking, healthcare, government, and retail. The company operates globally with headquarters in the United States, Europe, and Asia, and is a subsidiary of Accenture. Their business model centers on delivering advisory, managed services, and integrated Microsoft technology solutions to help organizations unlock digital transformation and sustainability goals. Technically, Avanade’s website leverages modern frameworks such as Next.js and Sitecore CMS, hosted on Vercel and integrated with marketing and analytics tools like Adobe Launch, Google Tag Manager, and OneTrust for consent management. The site is well-designed, mobile-optimized, and rich in content, providing a professional user experience with clear navigation and comprehensive business information. From a security perspective, the website currently suffers from critical issues including the absence of a valid SSL certificate and lack of TLS protocol support, severely impacting its security posture. While security headers such as Content-Security-Policy and HSTS are present, they are not fully hardened. The presence of a vulnerability disclosure page and detailed privacy and cookie policies indicate a mature approach to compliance and security awareness, but the lack of HTTPS is a major risk. Overall, the website is highly credible and professional but requires urgent remediation of its SSL/TLS configuration to ensure secure communications and maintain trust. Strategic improvements in security practices and continued adherence to privacy compliance will strengthen Avanade’s digital presence and risk posture.

The domain conversations.at is registered and hosted with a reputable Austrian registrar and DNS provider. However, the website itself is effectively empty, serving only a minimal placeholder with no visible content, metadata, or interactive elements. There is no SSL certificate installed, resulting in no HTTPS support despite the presence of a Strict-Transport-Security header, which is misconfigured. No privacy, cookie, or terms of service policies are present, and no contact or business information is available on the site. The technical infrastructure is minimal, relying on Apache server software but lacking modern web technologies or performance optimizations. Security posture is weak due to the absence of HTTPS and other security headers, though no active vulnerabilities or malware indicators were detected. Overall, the site presents a low trust profile and limited business credibility.

S

SER Solutions Deutschland GmbH

ser.de

0

SER Solutions Deutschland GmbH is a well-established enterprise content management (ECM) software provider based in Germany, with over 35 years of experience. The company is recognized as a leader in the ECM market, evidenced by its inclusion in Gartner's Magic Quadrant and IDC MarketScape reports. Their core offerings include intelligent content automation, document management, process automation, and collaboration tools, targeting large enterprises and organizations undergoing digital transformation. The website reflects a mature digital presence with comprehensive content, multiple language support, and strong branding consistency. Technically, the website is built on the Contao CMS platform, hosted on Ubuntu servers with Amazon CloudFront CDN for content delivery. It employs modern marketing and analytics tools such as Google Tag Manager, Visual Website Optimizer, and Usercentrics for consent management. The site is mobile-optimized and accessible, with good SEO practices. However, a critical security gap exists due to the absence of a valid SSL certificate and lack of HTTPS enforcement, which severely impacts the security posture. Security headers are properly configured, but the lack of TLS protocols and valid certificates exposes the site to risks and undermines user trust. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Contact information is clearly provided, enhancing business credibility. Overall, while the business and content quality are excellent, urgent remediation of SSL/TLS issues is necessary to improve security and trustworthiness.

The website at iiglobal.net is currently non-functional, serving only a generic 404 error page with no accessible content or business information. The domain is registered but lacks DNS records and a valid SSL certificate, resulting in no HTTPS support and poor security posture. There are no privacy policies, contact details, or any form of user engagement mechanisms present. Technically, the site shows minimal infrastructure and no modern web technologies or frameworks. Security best practices are absent, and the site is not GDPR compliant. Overall, the website appears inactive or improperly configured, posing significant trust and credibility concerns.

O

Ottakringer Getränke AG

ottakringerkonzern.com

0

Ottakringer Getränke AG is a well-established Austrian family-owned beverage group comprising key subsidiaries such as Ottakringer Brauerei, Vöslauer Mineralwasser, and Del Fabro Kolarik. The company focuses on manufacturing and distributing beer, mineral water, and beverage wholesale products, targeting both B2B and B2C markets primarily in Austria and neighboring countries. The website content is professionally presented in German, emphasizing sustainability and quality. Technically, the site is built on Joomla CMS with common web technologies like jQuery and Bootstrap, and it integrates Google Analytics for user tracking. However, the website suffers from a critical security shortfall due to the absence of a valid SSL certificate, resulting in no functional HTTPS, which significantly impacts its security posture. Security headers are partially implemented, and cookie consent mechanisms are in place, indicating reasonable privacy compliance. Overall, the site demonstrates moderate digital maturity but requires urgent improvements in SSL configuration and security practices to enhance trust and protect user data.

R

redmail Logistik & Zustellservice GmbH

redmail.at

0

redmail Logistik & Zustellservice GmbH is an established Austrian media distribution and logistics service provider specializing in the delivery of print advertising such as flyers and brochures. The company operates multiple offices across Austria and offers an online booking platform for print and delivery services. Their market position is supported by recognized certifications and a professional web presence. Technically, the website is built on WordPress with common plugins and modern design elements, but suffers from a critical lack of HTTPS and proper SSL/TLS configuration, exposing users to security risks. Privacy policies and cookie consent mechanisms are in place, reflecting GDPR compliance. Overall, while the business is credible and well-presented, the security posture requires urgent improvement to protect customer data and maintain trust.

G

Gewista

gewista.at

0

Gewista is a leading Austrian media company specializing in Out-of-Home advertising, operating under the majority ownership of global market leader JCDecaux. The company offers a broad portfolio of advertising media including traditional billboards, street furniture, and transport media, with a strong focus on digital innovation and public value initiatives. The website reflects a mature digital presence built on Drupal 10, leveraging modern JavaScript libraries and CDN hosting. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the site's security posture. Additionally, a subdomain takeover vulnerability was identified, posing a risk to brand reputation and security. Privacy and cookie policies are comprehensive and GDPR compliant, supporting good privacy practices. Overall, the site demonstrates good business credibility and content quality but requires urgent security improvements to meet modern standards.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

M

MPREIS

mpreis.at

0

MPREIS is a well-established Austrian supermarket chain offering a broad range of grocery and related products both in physical stores and online. The website reflects a mature digital presence with detailed product catalogs, recipe inspirations, and a focus on regional and organic products. The company maintains active social media channels and provides comprehensive privacy and cookie policies with consent management, indicating good privacy awareness. Technically, the site uses modern JavaScript frameworks such as Vue.js and integrates advanced marketing and search tools like Bloomreach and Algolia. However, the absence of a valid SSL certificate and lack of HTTPS support represent significant security shortcomings, exposing users to potential risks. Security headers are partially implemented, but critical TLS protocols and cipher suites are missing, reducing the overall security posture. The domain registration and hosting are consistent with the business claims, registered under A1 Telekom Austria AG, a reputable provider. No WAF or security challenge blocks access, allowing full content analysis. Privacy compliance is strong, but the lack of incident response and security policy pages suggests room for improvement in security governance. Overall, MPREIS demonstrates strong business credibility and digital maturity but must urgently address its SSL/TLS configuration to protect users and enhance trust. Strategic security enhancements and continuous compliance monitoring are recommended to maintain its market position and customer confidence.

F

FHV - Vorarlberg University of Applied Sciences

fhv.at

0

FHV - Vorarlberg University of Applied Sciences is a medium-sized educational institution based in Austria, offering a wide range of Bachelor and Master programs across technical, economic, design, and social-health disciplines. The institution emphasizes applied research and international cooperation, positioning itself as a leading university of applied sciences in the Bodenseeraum region. The website is professionally designed, content-rich, and well-structured, targeting prospective students, researchers, and academic partners. Technically, the site uses modern CMS Pimcore and Vue.js frontend framework, with Google Tag Manager for analytics and Cookiebot for consent management. However, a critical security gap exists as the site lacks a valid SSL certificate and HTTPS support, despite having security headers and HSTS configured. This exposes users to potential risks and undermines trust. Contact information is clearly provided, and privacy policies comply with GDPR standards. Overall, the site demonstrates strong business credibility and digital maturity but requires urgent remediation of its SSL/TLS configuration to improve security posture and user trust.

Ö

Österreichische Lotterien GmbH

lotterien.at

0

Österreichische Lotterien GmbH operates as the official national lottery provider in Austria, offering a wide range of lottery games, including Lotto 6 aus 45, EuroMillionen, and various scratch cards. The website serves as a comprehensive platform for game participation, result checking, and customer engagement, targeting Austrian lottery players and stakeholders. The company holds a strong market position as a government-associated entity with multiple subsidiaries in the gaming sector. Technically, the website is built on TYPO3 CMS and integrates modern analytics and consent management tools, demonstrating a mature digital infrastructure. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the security posture, exposing users to potential risks. Despite this, the site implements several security headers and maintains a responsible disclosure page, reflecting a commitment to security awareness. Overall, the website is professional and content-rich but requires urgent improvements in SSL/TLS configuration to meet modern security standards.

S

sklera KG

sklera.tv

0

Sklera KG operates a technology-focused website likely offering software solutions or digital services, as indicated by the use of Next.js and references to demos and newsletters. The company is based in Austria and has maintained the domain for over 9 years, reflecting a mature business presence. However, the website content is minimal and primarily serves as a contact and demo request portal without detailed business descriptions or extensive content. The technical infrastructure leverages modern frameworks but lacks critical security implementations such as HTTPS, valid SSL certificates, and security headers, which significantly undermine the site's security posture. Additionally, the absence of privacy and cookie policies indicates poor compliance with data protection regulations. Overall, the website presents a basic digital footprint with moderate business credibility but requires urgent security and compliance improvements to enhance trust and protect user data.

W

Würth Oy

wurth.fi

0

Würth Oy operates a comprehensive B2B e-commerce and service platform focused on tool and accessory logistics for industrial, construction, and maintenance sectors in Finland. The company has a strong market presence with nearly 50 years of history and a wide network of centers. The website supports multiple login methods and offers extensive product and service information tailored for business customers. Technically, the site uses modern frameworks such as Bootstrap and jQuery, managed via the FirstSpirit CMS, and integrates analytics tools like Piwik PRO and Google Tag Manager. Security headers are implemented, but a critical issue exists with an invalid SSL certificate and lack of TLS protocol support, which significantly impacts the security posture. Privacy and cookie policies are comprehensive and GDPR compliant, and contact information is clearly provided. Overall, the site is professional and trustworthy but requires urgent SSL remediation to ensure secure communications.

F

Frequentis

frequentis.com

0

Frequentis is a well-established company specializing in safety-critical communication and information solutions with over 75 years of market presence. The company serves key sectors including civil aviation, defence, public safety, maritime, and public transportation, positioning itself as a leader with a strong focus on innovation and user-centric design. The website reflects a mature digital presence with comprehensive content, professional design, and clear navigation tailored to government agencies and large organizations. Technically, the site is built on Drupal 10 with modern libraries and integrates multiple marketing and analytics tools. However, the absence of a valid SSL/TLS certificate and HTTPS support is a significant security gap, impacting the overall security posture. Privacy compliance is well addressed with clear cookie consent mechanisms and a comprehensive privacy policy. Overall, the site demonstrates high business credibility but requires urgent security improvements to align with best practices.

I

International Commission on Missing Persons

icmp.int

0

The International Commission on Missing Persons (ICMP) is a globally recognized non-profit organization dedicated to addressing the issue of missing persons resulting from conflicts, disasters, and other causes. The organization collaborates with governments, civil society, and international bodies to provide expertise, data systems, and forensic services. Their website reflects a mature digital presence with comprehensive content, multilingual support, and clear navigation tailored to a diverse audience including families of missing persons and governmental agencies. Technically, the site is built on WordPress with modern plugins and Cloudflare CDN protection, but it suffers from a critical lack of a valid SSL certificate and proper TLS configuration, which significantly impacts its security posture. Privacy compliance is well addressed with GDPR-aligned cookie and privacy policies. Overall, the site demonstrates high professionalism and trustworthiness but requires urgent improvements in SSL/TLS security to protect user data and maintain credibility.

V

VIER PFOTEN International – gemeinnützige Privatstiftung

four-paws.org

0

FOUR PAWS International is a globally recognized non-profit animal welfare organization dedicated to protecting animals under human influence. The organization operates multiple country offices and campaigns worldwide, focusing on rescue missions, veterinary care, sterilization of stray animals, and advocacy against animal cruelty. Their website reflects a professional and comprehensive digital presence, targeting animal welfare supporters, donors, and volunteers. Technically, the site is built on the Neos CMS platform using the Flow PHP framework, incorporating modern JavaScript libraries such as Splide.js and Google Tag Manager for analytics and marketing. However, a critical security weakness is the absence of a valid SSL certificate and lack of TLS protocol support, which significantly undermines the site's security posture. Privacy and cookie policies are well implemented and GDPR compliant, enhancing user trust. Overall, the site demonstrates strong business credibility and content quality but requires urgent improvements in SSL/TLS security to protect user data and maintain trust.

G

GEZE GmbH

geze.at

0

GEZE GmbH is a globally recognized family-owned company specializing in manufacturing and providing innovative door, window, and safety technology solutions. The company has a strong market position with over 3,000 employees and 37 subsidiaries worldwide, focusing on digital connectivity and building automation. The website reflects a professional and comprehensive presentation of their products and services, targeting architects, planners, and building operators. Technically, the site uses TYPO3 CMS hosted on AWS CloudFront with modern content delivery but suffers from critical SSL/TLS misconfigurations, impacting security posture. Privacy compliance is well addressed with a clear privacy policy and consent management via Usercentrics. The site offers multiple contact channels and social media presence, enhancing business credibility. However, the invalid SSL certificate and lack of HTTPS protocols represent significant security risks that should be urgently addressed.

B

Bacon & Bold

baconbold.com

0

Bacon & Bold is a medium-sized performance branding and social media marketing agency based in Austria, founded in 2016. The company positions itself as a leading social media agency focused on delivering measurable business success through targeted digital marketing strategies, workshops, and AI-driven applications. Their client portfolio includes notable companies such as Siemens, Wiener Linien, and voestalpine AG, underscoring their market presence and credibility. Technically, the website is built on Webflow CMS, uses modern web fonts, Google Tag Manager, and is hosted via Cloudflare and Azure services. While the site is well-designed, mobile-optimized, and rich in content, it suffers from critical security issues including an invalid SSL certificate and a subdomain takeover vulnerability. Privacy compliance is well addressed with a cookie consent mechanism and a comprehensive privacy policy. Overall, the site demonstrates strong business credibility but requires urgent security improvements to protect user data and maintain trust.

The website sappi.com is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) challenge page that requires JavaScript and cookies to proceed. This prevents access to any meaningful content, metadata, or business information. The visible page is a security checkpoint rather than the actual website content. The DNS records indicate a legitimate domain with multiple mail servers and name servers under the sappi.com domain, suggesting a corporate entity. However, the SSL/TLS configuration is poor with no valid certificate and no HTTPS protocols enabled, which is a critical security issue. Security headers are present but cannot compensate for the lack of proper SSL. No privacy, cookie, or terms of service policies are accessible, and no contact information or forms are visible. Overall, the site’s security posture is weak due to missing SSL and blocked content, and the technical and content quality cannot be properly assessed due to the WAF challenge.

Ottobock is a well-established enterprise in the healthcare sector specializing in orthotics, prosthetics, and related mobility solutions. The company offers a broad range of products and services including prosthetics, orthotics, exoskeletons, adaptive sports programs, and veteran support. Their market position is strong, supported by a comprehensive digital presence and a global footprint. Technically, the website leverages modern frameworks such as Next.js and React, integrated with Contentful CMS and various analytics and marketing tools, indicating a mature digital infrastructure. However, a critical security issue is the absence of a valid SSL/TLS certificate, which undermines the security posture and user trust. Privacy compliance is robust with clear policies and consent management mechanisms in place. Overall, the website is professional, content-rich, and user-friendly but requires urgent attention to its SSL configuration to ensure secure communications.

J

Jung von Matt

jvm.at

0

Jung von Matt is a well-established independent global creative agency specializing in marketing communications and branding services. The company targets brands and businesses seeking innovative and culturally impactful marketing solutions. Their website reflects a strong market position with a professional design, consistent branding, and comprehensive content showcasing their key services and projects. The technical infrastructure leverages modern technologies such as Netlify hosting, Contentful CMS, Matomo analytics, and Usercentrics for consent management, indicating a mature digital presence. However, the website currently suffers from an invalid SSL certificate, which undermines the security posture and user trust. While privacy and cookie policies are well implemented and GDPR compliant, the absence of explicit security policies and incident response information suggests room for improvement in security transparency. Overall, the site is professional and trustworthy but should prioritize fixing SSL issues and enhancing security disclosures to improve its risk profile.

S

SOPREMA

soprema.com

0

SOPREMA is a well-established global manufacturer specializing in waterproofing, insulation, and roofing products with a broad international footprint. The company operates through numerous subsidiaries and sales offices worldwide, targeting construction professionals and distributors. The website reflects a multinational business model with a focus on manufacturing and distribution. Technically, the website runs on Apache with PHP backend and Magento CMS, integrating Google Maps for location display. However, the site suffers from critical security shortcomings, notably the absence of a valid SSL certificate and HTTPS, which severely impacts its security posture. No privacy or cookie policies are present, indicating poor privacy compliance. Contact information is comprehensive and professional, supporting business credibility. Overall, the site requires urgent security improvements to protect user data and enhance trust.

F

FACC AG

facc.com

0

FACC AG is a mature and leading aerospace company specializing in the design, production, and maintenance of advanced lightweight components and systems for the global aviation industry. The company maintains strong partnerships with major aerospace manufacturers such as Airbus, Boeing, and Embraer, and offers a broad portfolio including aerostructures, engines, nacelles, cabin interiors, and MRO services. The website reflects a professional and well-branded digital presence targeting industry partners, investors, suppliers, and job seekers. Technically, the site is built on WordPress with modern JavaScript frameworks like Vue.js and uses Amazon CloudFront CDN for hosting. However, performance metrics are missing, and the site appears to load slowly. Security posture is a significant concern due to the absence of a valid SSL certificate and lack of TLS protocol support, which critically undermines secure communications. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the site is credible and professional but requires urgent security improvements to protect user data and maintain trust.

A

AVL Cultural Foundation GmbH

avlcf.com

0

AVL Cultural Foundation GmbH is a small, Austria-based cultural foundation dedicated to fostering the intersection of art and science through innovative projects, artistic installations, and interdisciplinary discussions. The organization targets artists, scientists, and cultural enthusiasts, positioning itself as a niche player in the cultural foundation sector. The website is built on Drupal 10 and hosted likely on AWS infrastructure, demonstrating a moderate level of digital maturity with good mobile optimization and accessibility. However, the absence of HTTPS/SSL is a critical security flaw that severely impacts the site's security posture. Privacy and cookie policies are well implemented with a consent mechanism via Cookiebot, reflecting good privacy compliance. Contact information and social media presence are clearly provided, enhancing business credibility. Overall, the site is professional but requires urgent security improvements.

cargo-partner is a midsized logistics and transportation company specializing in integrated supply chain solutions including air, sea, rail, and road freight, as well as warehousing and SCM services. The company targets businesses requiring comprehensive logistics support and operates with a pan-European and global presence. The website reflects a professional business with consistent branding and a clear service offering. Technically, the site is built on TYPO3 CMS with PHP backend and uses modern web technologies including Friendly Captcha and Cookiebot for privacy compliance. However, the absence of a valid SSL certificate and HTTPS support is a critical security weakness, exposing users to potential risks. Security headers are partially implemented but lack a proper Content-Security-Policy. Privacy compliance is supported by a clear privacy policy and cookie consent mechanism. Overall, the website is functional but requires urgent security improvements to protect user data and enhance trust.

B

Bene GmbH

bene.com

0

Bene GmbH is a well-established Austrian manufacturer and international supplier of high-quality office furniture and workspace solutions, with a history dating back to 1790. The company positions itself as a leader in modern office design, combining Austrian quality with innovative and functional products. The website is built on TYPO3 CMS and uses modern web technologies, but lacks a valid SSL certificate, which is a critical security shortfall. The site includes comprehensive content, a contact form with CAPTCHA, and social media integration, but does not implement cookie consent mechanisms or advanced security headers. Overall, the business is credible and well-presented, but the lack of HTTPS significantly impacts the security posture.

B

Baustoffservice

baustoffservice.at

0

Baustoffservice is a small Austrian manufacturing business specializing in patented lightweight concrete products (VULKAN and LAVA). With over 30 years of industry experience, they serve architects, construction firms, and public space planners by providing half-finished concrete parts, furniture, and facade elements. Their website is built on the 1AND1/IONOS platform and uses standard web technologies including jQuery and Mapbox. While the site presents clear contact information and social media presence, it suffers from a critical security issue: the absence of a valid SSL certificate and HTTPS support, which severely impacts trust and security posture. Privacy compliance is basic, with a cookie notification but no detailed privacy or security policies. Overall, the site is functional and professionally designed but requires urgent security improvements.

G

Grand Hotel Wien

grandhotelwien.com

0

Grand Hotel Wien is a well-established luxury hospitality business located in Vienna, Austria, with a history dating back to 1870. The website presents a professional image with comprehensive information about its services including luxury accommodations, gourmet dining, spa, and event hosting. The business is positioned as a high-end hotel targeting affluent travelers and tourists seeking premium experiences. Technically, the website uses a mix of modern JavaScript libraries and frameworks such as AngularJS, jQuery, and Foundation CSS, hosted behind Cloudflare CDN. However, the site suffers from a critical security issue due to the absence of a valid SSL certificate and HTTPS configuration, which significantly impacts its security posture. Privacy and cookie policies are present and appear GDPR compliant, and contact information is clearly provided. The domain registration data supports the legitimacy and maturity of the business. Overall, while the business and content quality are strong, the lack of proper SSL/TLS implementation is a major risk that should be addressed immediately.

O

Oberbank AG

oberbank.at

0

Oberbank AG is a well-established regional bank operating primarily in Austria and neighboring countries, offering a broad range of financial services including retail banking, corporate banking, savings, investments, financing, and online/mobile payment solutions. The website reflects a mature digital presence with comprehensive content tailored to private and corporate customers, supported by a modern technology stack based on Liferay and JavaServer Faces. The site demonstrates strong privacy compliance with detailed cookie consent mechanisms and GDPR-aligned privacy policies. However, the security posture is weakened by an invalid or missing SSL certificate and lack of TLS protocol support, which poses significant risks to secure communications. No explicit security or incident response policies are published, indicating room for improvement in transparency and readiness. Overall, the site is professional and trustworthy but requires urgent remediation of SSL issues to ensure secure user interactions.

V

VRVis GmbH

vrvis.at

0

VRVis GmbH is Austria's largest research institution specializing in Visual Computing, integrating Artificial Intelligence and Simulation to address complex data-driven challenges. With 25 years of experience and strong industry collaborations, VRVis offers research, tailored products, and consulting services primarily targeting industrial and scientific audiences. The website is professionally designed, multilingual, and content-rich, reflecting a mature digital presence. Technically, the site runs on TYPO3 CMS with Matomo analytics, demonstrating a modern but self-managed infrastructure. However, the security posture is weak due to the absence of a valid SSL certificate and HTTPS support, exposing users to potential risks. Privacy compliance is minimal, lacking cookie consent mechanisms and explicit GDPR indicators. Overall, VRVis presents a credible and trustworthy business profile but requires urgent improvements in security and privacy practices to align with modern standards.

Global LT is a medium-sized education company specializing in instructor-led language and cultural training services targeted at corporations and governments worldwide. The company offers a comprehensive suite of services including language training, translation, interpretation, and destination services, supported by a technology-driven platform. The website is professionally designed, well-branded, and provides clear navigation and rich content relevant to its business domain. Technically, the site is built on HubSpot CMS and integrates Google Analytics and Tag Manager for marketing and analytics purposes. However, the absence of a valid SSL certificate and HTTPS support is a significant security concern. Security headers are partially implemented, but critical TLS protocols and certificate transparency are missing, exposing the site to potential risks. Privacy compliance is moderate, with a privacy policy present but lacking a cookie consent mechanism despite tracking scripts. Contact information is clearly provided, enhancing business credibility. Overall, the site demonstrates strong business presence and digital maturity but requires urgent security improvements to protect user data and enhance trust.

B

Bufab International AB

bufab.com

0

Bufab International AB operates as a global supply chain partner specializing in C-parts for manufacturing industries. Their website presents a comprehensive portfolio of services including supplier management, logistics, quality assurance, and sustainability consulting. The company targets manufacturing purchasers seeking to optimize their C-parts supply chain. Technically, the website is built on HubSpot CMS with integrations for marketing and analytics, delivering a professional and content-rich user experience. However, the security posture is weakened by the absence of a valid SSL certificate and lack of TLS protocol support, which is critical for secure communications. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is trustworthy and professionally maintained but requires urgent security improvements to protect user data and enhance trust.

W

Wolf Systems Ltd

wolfsystem.co.uk

0

Wolf Systems Ltd is a mature UK-based company specializing in software and products that simplify timber engineering. Their offerings include advanced software solutions, metal webs, nailplates, expert support, training, and machinery advice, targeting timber engineering professionals and manufacturers. The company maintains a strong market position supported by certifications such as BBA approval and CE marking, and operates a network of country-specific partner domains across Europe. Technically, the website is built on ASP.NET with modern frontend libraries like Bootstrap and jQuery, hosted on Microsoft IIS. However, the site lacks HTTPS, which is a critical security gap. Security headers are partially implemented, and cookie consent mechanisms are present, indicating some privacy awareness. The WHOIS data confirms a consistent and trustworthy domain registration with no privacy protection, aligning with the company's public identity.

J

Jaroona

jaroona.com

0

Jaroona is a small technology company specializing in AI and Machine Learning solutions aimed at transforming raw data into actionable business intelligence. Their offerings include predictive analytics, natural language processing, computer vision, reinforcement learning, anomaly detection, and custom AI model development. The company targets businesses seeking to leverage AI for automation, fraud detection, and personalized customer experiences. The website is professionally designed using the Contao CMS and hosted by IONOS SE, but suffers from critical security shortcomings due to the absence of a valid SSL certificate and HTTPS support. While security headers are implemented, the lack of TLS protocols and proper SSL configuration significantly lowers the security posture. Privacy and cookie policies exist but are basic, and no explicit terms of service or incident response policies are present. Contact information is limited to a contact form with no direct emails or phone numbers provided. Overall, the domain registration is mature and consistent with the business claims, supporting legitimacy. Strategic improvements in SSL/TLS deployment and enhanced privacy compliance are recommended to improve trust and security.

C

Coface

coface.com

0

Coface is a global leader in trade credit insurance, debt collection, and business information services, supporting over 100,000 clients across approximately 200 countries. Founded in 1946 and headquartered in France, the company offers comprehensive solutions to help businesses manage credit risks and optimize credit management. The website reflects a mature digital presence with professional design, clear navigation, and extensive content tailored to its target audience of businesses seeking credit risk solutions. Technically, the site uses modern web technologies including a CDN (CloudFront), a CMS (Ibexa), and integrates advanced consent management and analytics tools. However, the security posture is weakened by an invalid SSL certificate and lack of enabled TLS protocols, which is a critical issue that must be addressed to ensure secure communications. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place. Overall, Coface's website demonstrates high business credibility and professionalism but requires urgent SSL/TLS remediation to improve security and trust.

S

Spark

agi-world.com

0

The website agi-world.com serves as a minimal landing page for the company now branded as Spark, which has a long history of over 50 years in marketing transformation and creative production services. The business is positioned as a trusted partner delivering localized marketing solutions. The site itself is minimalistic, with no forms, contact details, or privacy policies, and primarily directs visitors to the main corporate site sparkbrighterthinking.com. From a technical perspective, the site is hosted on Amazon S3 with CloudFront CDN, uses basic HTML5 and CSS3 technologies, and includes a video background and SVG logo for branding. Mobile optimization is basic but functional. However, the site lacks HTTPS support, security headers, and any analytics or tracking technologies, indicating a low level of digital maturity. Security posture is weak due to the absence of SSL/TLS encryption, no HSTS, and no security headers. There are no detected vulnerabilities such as subdomain takeover or SSL vulnerabilities, but the lack of HTTPS is a critical issue. Privacy compliance is poor, with no privacy or cookie policies present, and no GDPR compliance indicators. Business credibility is moderate based on the company's history and branding but is weakened by the lack of contact information and policies on this domain. Overall, the site presents a basic online presence with significant room for improvement in security, privacy compliance, and content richness. Strategic recommendations include implementing HTTPS, adding privacy and cookie policies, enhancing security headers, and providing clear contact information to improve trust and compliance.

Austro Control GmbH is the Austrian national air navigation service provider responsible for ensuring aviation safety, air traffic control, and aeronautical information management. The company serves a broad audience including pilots, airlines, airports, and government agencies, positioning itself as a key player in the transportation and government sectors. Their services include air traffic control, pilot licensing, flight weather services, and drone regulation. The website reflects a professional and comprehensive digital presence with strong branding and trust signals such as industry awards and certifications. Technically, the site uses modern web technologies like Bootstrap and jQuery but suffers from critical security shortcomings due to the absence of a valid SSL certificate and lack of TLS protocol support, which undermines secure communications. Privacy compliance is well addressed with clear cookie consent and a comprehensive privacy policy. Overall, the site is trustworthy and authoritative but requires urgent improvements in SSL/TLS security to protect users and maintain credibility.

M

Mubea Carbo Tech GmbH

carbon.at

0

Mubea Carbo Tech GmbH is a medium-sized Austrian company specializing in the design, development, and manufacturing of fiber composite components primarily for the automotive, motorsport, aeronautics, and industrial sectors. As part of the global Mubea Group, it holds a leading market position as a pioneer in lightweight construction technology since its founding in 1993. The company offers full-service solutions from design to series production, targeting automotive manufacturers and other high-tech industries. The website reflects a professional and comprehensive digital presence with multilingual support and detailed business information. Technically, the site is built on WordPress with Elementor and includes modern web technologies, though performance is hampered by the lack of a valid SSL certificate and HTTPS support, which is a critical security concern. Privacy compliance is well addressed with cookie consent mechanisms and a comprehensive privacy policy. However, explicit security policies and incident response information are absent. Overall, the site demonstrates strong business credibility and content quality but requires urgent security improvements to protect user data and enhance trust.

C

CRIF S.p.A.

crif.com

0

CRIF S.p.A. is a globally recognized enterprise specializing in credit bureau reporting, business information systems, analytics, and outsourcing services. The company operates in 37 countries with over 85 subsidiaries, serving both businesses and consumers with advanced digital solutions including open banking and ESG analytics. The website reflects a mature business with comprehensive service offerings and a strong market position in the finance sector. Technically, the website uses modern JavaScript libraries and frameworks such as jQuery, Bootstrap, and Swiper.js, and is hosted on a CDN network (Akamai), ensuring good performance and mobile optimization. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, severely impacting the security posture. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. Overall, the website is professional and trustworthy but requires urgent remediation of its SSL/TLS configuration to protect user data and maintain trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 9 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

S

Spencer Stuart

spencerstuart.com

0

Spencer Stuart is a globally recognized executive search and leadership consulting firm specializing in senior executive and board-level placements. The website reflects a mature, professional services business with a strong market position and comprehensive service offerings tailored to corporate clients. Technically, the site uses a custom ASP.NET CMS hosted on AWS CloudFront, integrating modern analytics and consent management tools. However, the absence of a valid SSL certificate and disabled modern TLS protocols represent significant security gaps. The site employs good security headers and cookie management but lacks advanced email security measures such as DMARC and DNSSEC. Overall, the website is content-rich and professionally designed but requires urgent improvements in SSL/TLS configuration to enhance security and trust.

J

Johns Hopkins University School of Advanced International Studies

sais-jhu.edu

0

Johns Hopkins University School of Advanced International Studies (SAIS) operates a comprehensive and professionally designed website offering graduate programs in international relations. The institution is well-positioned in the education sector with campuses in Washington DC, Europe, and China, serving a diverse international student body. The website content is rich, relevant, and professionally presented, reflecting the institution's high market position and reputation. Technically, the site uses Drupal 7 with a variety of modern JavaScript libraries and is hosted behind Cloudflare, but lacks a valid SSL certificate and proper HTTPS configuration, which significantly impacts its security posture. Security headers are present but insufficient without proper TLS. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. The WHOIS data confirms domain legitimacy and consistency with the institution's identity. Overall, the site is trustworthy and professional but requires urgent improvements in SSL/TLS deployment and privacy compliance to enhance security and user trust.

The bwinparty.com domain currently serves an inaccessible website due to a DNS resolution error as indicated by the Cloudflare error page. This prevents access to any substantive content, including business descriptions, policies, or contact information. The domain is associated with online gaming and betting services, but no direct content is available to confirm details. Technically, the site is behind Cloudflare but lacks a valid SSL certificate and modern TLS support, resulting in poor security posture. Basic security headers are present but insufficient. The absence of privacy and cookie policies, contact details, and business information further reduces trust and compliance. Overall, the site is currently non-functional from a user perspective, representing a critical risk for business continuity and reputation.

MOTIONDATA VECTOR Gruppe is a well-established Austrian software and IT solutions provider specializing in Dealer Management Systems and related automotive industry services. With over 40 years of experience and a strong presence in the D-A-CH region and other European markets, the company offers a comprehensive portfolio including cloud-based DMS, sales management tools, web portfolios, mobile apps, and IT infrastructure services. The website reflects a mature digital presence with professional design, multilingual support, and clear navigation. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which undermines user trust and data security. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. Social media integration and brand certifications further enhance credibility.

R

Raiffeisen Bank International

rbinternational.com

0

Raiffeisen Bank International AG is a leading business bank headquartered in Austria, serving Austria and Central and Eastern Europe. The website presents comprehensive information about the bank's services, sustainability efforts, investor relations, and career opportunities, targeting investors, corporate clients, institutions, and private customers. The technical infrastructure leverages modern web technologies including Vue.js, Adobe Experience Manager CMS, and Cloudflare hosting, with integrations for analytics and marketing such as Mouseflow, Leadfeeder, and Google Tag Manager. Security headers are well implemented; however, the absence of a valid SSL certificate and disabled TLS protocols represent critical vulnerabilities that undermine the site's security posture. Privacy and cookie policies are present with consent mechanisms, indicating good compliance with GDPR. Overall, the website is professional and trustworthy but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.