Security Directory

I

Irian Solutions Softwareentwicklungs GmbH

irian.at

0

Irian Solutions Softwareentwicklungs GmbH is a well-established software development company based in Austria, specializing in digital product development using technologies such as Java, Angular, and .NET. The company targets businesses requiring custom software solutions, with a strong market presence evidenced by notable clients in finance, energy, and transportation sectors. Their website reflects a professional and modern digital presence, leveraging the Astro framework and Cloudflare for hosting and CDN services. However, the website's security posture is weakened by the absence of a valid SSL certificate and lack of HTTPS enforcement, which is a critical vulnerability. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the company demonstrates strong business credibility and digital maturity but must urgently address its SSL/TLS configuration to ensure secure communications and maintain trust.

A

Aeroficial Intelligence GmbH

aeroficial.com

0

Aeroficial Intelligence GmbH is a specialized provider of smart air traffic and airport operational insights, leveraging AI-driven analytics to enhance efficiency, safety, and performance for airports, airlines, and air navigation service providers. The company positions itself as a trusted partner for Tier 1 airports and leading airlines worldwide, offering a suite of solutions under the Cockpit Suite brand. The website reflects a professional and consistent brand image with clear messaging targeted at aviation industry stakeholders. Technically, the website is built on WordPress using the Divi theme and several plugins including Google Analytics and GDPR compliance tools. While the site is mobile-optimized and well-structured, performance metrics are not fully available, and some SEO and accessibility features are basic. The hosting provider is linked to the DNS servers world4you.at. Security posture is a significant concern as the website lacks a valid SSL certificate and does not support HTTPS, exposing users to potential risks. No advanced security headers or incident response policies are evident. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms in place. Overall, the website is credible and professional but requires urgent security improvements, especially enabling HTTPS and enhancing security headers, to protect user data and improve trustworthiness. Strategic recommendations include implementing SSL, enhancing security policies, and expanding transparency on incident response and certifications.

Plansee SE is a globally recognized manufacturer specializing in refractory metals such as molybdenum, tungsten, and tantalum, serving high-tech industries including electronics, aerospace, and energy. With a century of experience and multiple production sites worldwide, Plansee positions itself as a leader in high-performance materials and sustainable manufacturing solutions. The website reflects a mature digital presence built on Adobe Experience Manager and Next.js, leveraging Akamai CDN and Google Tag Manager for performance and analytics. However, the current lack of a valid SSL certificate and disabled TLS protocols represent critical security vulnerabilities that undermine user trust and data protection. Despite these issues, the site maintains comprehensive privacy and cookie policies aligned with GDPR, and showcases certifications like EcoVadis Gold and ASML Sustainability Excellence Award, reinforcing its market credibility. Strategic improvements in SSL/TLS deployment and enhanced security configurations are recommended to elevate the overall security posture and user confidence.

H

HOERBIGER

hoerbiger.com

0

HOERBIGER is a large industrial company specializing in emissions solutions and performance-defining components across sectors such as energy, automotive, and hydrogen industries. The company holds a strong market position as a world leader in compression and rotary unions, providing innovative products and services aimed at increasing efficiency, safety, and sustainability. The website reflects a professional and well-branded digital presence, leveraging modern technologies such as Neos CMS and Flow Framework, with multimedia content and clear navigation tailored for industrial clients and partners. Technically, the website employs advanced content security policies, privacy compliance tools like Cookiebot, and analytics via Matomo, indicating a mature digital infrastructure. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, resulting in no HTTPS support, which severely impacts the site's security posture and user trust. Other security headers are well implemented, but the lack of encryption exposes users to potential risks. Overall, the security posture is weak due to missing HTTPS, but privacy compliance and business credibility are strong. The site is accessible without WAF or blocking mechanisms, allowing full content analysis. Strategic improvements in SSL deployment and enhanced security practices are essential to elevate the site's trustworthiness and compliance. The risk assessment highlights the urgent need for SSL certificate installation and enabling HTTPS to protect data integrity and confidentiality. The company should also consider publishing vulnerability disclosure policies and incident response contacts to further strengthen security culture and transparency.

E

Erste Digital GmbH

erstegroupit.com

0

Erste Digital GmbH operates as the digital and IT service arm of Erste Group, the largest banking group in Central and Eastern Europe. The company focuses on delivering IT solutions and digital transformation services to support banking operations across the region. The website reflects a professional and consistent brand image aligned with Erste Group, targeting banking customers, IT professionals, and potential employees. Technically, the site uses modern frameworks and CDNs but suffers from a critical lack of SSL/TLS configuration, which severely impacts its security posture. Privacy and cookie policies are well implemented, indicating GDPR compliance. Overall, the site is functional and professional but requires urgent security improvements to protect user data and maintain trust.

The website tyrolit.com is currently inaccessible due to a Cloudflare security challenge page that requires JavaScript and cookies to be enabled. This prevents access to any meaningful content or business information. The domain is protected by Cloudflare, but the SSL/TLS configuration is severely lacking, with no valid certificate detected and no HTTPS support. Security headers are present but cannot compensate for the lack of encryption. No privacy, cookie, or terms of service policies are found, and no contact or business information is accessible. The DNS records and WHOIS data indicate a legitimate domain registration without privacy protection, but the lack of accessible content limits further analysis. Overall, the site’s digital maturity and security posture are poor due to the blocking mechanism and missing SSL.

Julius Meinl am Graben is a historic gourmet food retailer based in Austria, specializing in fine foods and delicatessen products with a legacy dating back to 1862. The website meinlamgraben.at serves primarily as a redirect to the main domain meinlamgraben.eu, indicating a consolidated online presence. The business targets consumers interested in high-quality culinary specialties and operates within the retail sector. Technically, the site is built on TYPO3 CMS and hosted on Microsoft IIS, but the current domain lacks a valid SSL certificate and proper HTTPS configuration, which significantly impacts security and user trust. Security headers are present, but the absence of HTTPS and modern TLS protocols is a critical vulnerability. Privacy and cookie policies are not found on this domain, and no contact forms or detailed business contact information are provided here, limiting direct user engagement. Overall, the site exhibits basic content quality and technical implementation but requires urgent security improvements to meet modern standards.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 10 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

F

FLIGHTKEYS GmbH

flightkeys.com

0

FLIGHTKEYS GmbH is an Austrian-based company specializing in advanced flight planning and trajectory optimization solutions for the aviation industry. Founded in 2015, the company offers a sophisticated 5D flight management system designed to optimize airline operations cost-effectively while integrating environmental sustainability and real-time flight dynamics. Their market position is that of a niche technology innovator serving airlines and aviation stakeholders globally. The website presents detailed product information and company background, targeting aviation professionals and potential customers. Technically, the website uses a traditional web stack including nginx, jQuery, and slick carousel, with a responsive design suitable for mobile devices. However, the site lacks HTTPS support and a valid SSL certificate, which is a critical security deficiency. Security headers are partially implemented but insufficient without encryption. No analytics or tracking services are detected, indicating minimal user tracking. From a security perspective, the absence of HTTPS and privacy policies significantly lowers the site's security posture and privacy compliance. The site does not provide terms of service, security policies, or incident response contacts, which are important for trust and compliance. The WHOIS data is consistent and indicates a mature, legitimate domain registration aligned with the company's Austrian base. Overall, while the business and content quality are good, the lack of HTTPS and privacy compliance are critical issues that must be addressed to improve trustworthiness and security. Strategic improvements in security infrastructure and privacy transparency are recommended to align with industry best practices.

V

Vizrt

vizrt.com

0

Vizrt is a leading media technology company specializing in live broadcast and video storytelling solutions. Their website showcases a comprehensive portfolio of products and services designed to empower content creators across various sectors including broadcasting, sports, corporate, government, education, and house of worship. The company positions itself as a pioneer in real-time graphics, virtual sets, production automation, and cloud-based production workflows, reaching a global audience of over 4.5 billion people daily. Technically, the website is built on WordPress with modern frameworks and technologies such as Kadence Blocks, Gravity Forms, and Slider Revolution. It leverages Cloudflare for CDN and security, integrates Vimeo for video content, and uses advanced analytics and marketing tools like Google Tag Manager and Facebook Pixel. The site is well-optimized for SEO, accessibility, and mobile responsiveness, providing a professional and engaging user experience. From a security perspective, the site implements several important HTTP security headers and restricts permissions for sensitive APIs. However, the SSL certificate is currently invalid or missing, and TLS 1.2 or higher is not enabled, which are critical issues that reduce the overall security posture. Privacy compliance is strong with clear privacy and cookie policies, including consent mechanisms, aligning with GDPR requirements. Overall, Vizrt's website reflects a mature and professional digital presence with strong business credibility and technical implementation. Addressing the SSL and TLS issues would significantly enhance their security posture and trustworthiness. Strategic recommendations include updating SSL certificates, increasing HSTS duration, enabling modern TLS protocols, and maintaining rigorous security best practices.

C

Cardiovascular and Interventional Radiological Society of Europe

cirse.org

0

The Cardiovascular and Interventional Radiological Society of Europe (CIRSE) operates a comprehensive and professionally designed website serving as the primary digital presence for the world's largest community of healthcare professionals specializing in minimally invasive image-guided procedures. The site offers extensive educational resources, certification programs, research initiatives, and event information, positioning CIRSE as a leading authority in interventional radiology. The target audience includes healthcare professionals, trainees, medical students, and patients seeking information about interventional radiology. CIRSE's business model focuses on membership services, educational offerings, research collaborations, and publication dissemination within the healthcare sector. Technically, the website is built on a modern WordPress CMS platform with a robust technology stack including PHP 8.2, WooCommerce for e-commerce functionalities, and various plugins such as WPBakery Page Builder and Modern Events Calendar. Hosting and content delivery are managed via Cloudflare, enhancing availability and performance. Despite a rich content base and good mobile optimization, the site suffers from slow performance and lacks a valid SSL certificate, which critically impacts its security posture. From a security perspective, the absence of a valid SSL certificate and disabled TLS protocols represent significant vulnerabilities, exposing users to potential risks during data transmission. However, the site employs several security headers and Cloudflare protection, and no critical vulnerabilities or malware indicators were detected. Privacy compliance is strong, with clear privacy and cookie policies, GDPR adherence, and active consent mechanisms. The site also integrates analytics tools like Matomo and Facebook Pixel with moderate user tracking. Overall, CIRSE's website demonstrates high business credibility and content quality but requires urgent security improvements to ensure safe user interactions. Strategic recommendations include immediate SSL certificate installation, enabling modern TLS protocols, and enhancing security headers. These steps will strengthen trust, compliance, and user confidence, supporting CIRSE's mission and digital maturity.

T-Mobile US is a leading telecommunications company providing wireless phone plans, devices, and home internet services primarily in the United States and Puerto Rico. The website reflects a mature digital presence with comprehensive product offerings, promotional deals, and customer benefits. It targets both consumer and business segments with a strong emphasis on 5G technology and competitive pricing. The company is a subsidiary of Deutsche Telekom and maintains consistent branding and messaging across its digital assets. Technically, the website leverages modern web technologies including Adobe Experience Manager, Alpine.js, and various third-party SDKs for analytics, marketing, and payment processing. The site is hosted on Akamai CDN, ensuring global content delivery. While the site is mobile-optimized and accessible, performance metrics are not provided, but the design and navigation are professional and user-friendly. From a security perspective, the site implements essential security headers and HSTS with preload, but the SSL certificate is currently invalid or missing, which is a critical issue impacting the overall security posture. No major vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with clear privacy and cookie policies, consent mechanisms, and GDPR indicators. Overall, the website is trustworthy and professional but requires immediate attention to SSL certificate management and TLS protocol support to enhance security and user trust. Strategic recommendations include updating SSL certificates, enabling modern TLS protocols, and continuous monitoring of security headers and compliance frameworks.

A

ATMOsphere

shecco.com

0

ATMOsphere is a specialized business focused on accelerating the clean cooling and heating economy by providing market intelligence, training, conferences, and a marketplace for natural refrigerants. The company positions itself as a key enabler for stakeholders in the sustainable cooling sector, offering comprehensive reports, labels, and educational resources. The website is professionally designed using WordPress with Elementor and WooCommerce, demonstrating a mature digital presence with good SEO and structured data implementation. However, the absence of a valid SSL certificate and HTTPS significantly undermines the site's security posture. Security headers are partially implemented, but critical TLS protocols and encryption are missing, exposing the site to potential risks. Privacy compliance is minimal, with no visible privacy or cookie policies, and contact information is limited to a contact form without direct emails or phone numbers. Overall, the site is credible and professional but requires urgent security and privacy improvements to meet modern standards.

J

Johannes Kepler Universität Linz

jku.at

0

Johannes Kepler Universität Linz operates as a large public university in Austria, offering a wide range of academic programs including Bachelor, Master, Diplom, and doctoral studies. The institution serves students, researchers, and alumni with comprehensive educational and research services, supported by a well-structured and professionally designed website. The university maintains a strong market position as the largest university in Upper Austria with extensive campus services and international programs. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries and integrates analytics and marketing tools such as Google Tag Manager and Matomo. However, the absence of a valid SSL/TLS certificate is a critical security gap, exposing users to risks and lowering the overall security posture. Privacy and cookie policies are well implemented with explicit consent mechanisms, reflecting good GDPR compliance. Overall, the website is trustworthy and professional but requires urgent security improvements to enable HTTPS and strengthen its security framework.

A

A&N GesbR

an-gesbr.com

0

A&N GesbR is a small partnership business based in Linz, Austria, represented by Philipp Asanger and Manuel Nobis. The website serves primarily as an informational portal with links to partner sites and basic company details including a physical address and VAT number. The business appears to operate in a retail or tools-related sector, though no explicit service descriptions are provided. Technically, the website is built on WordPress using Elementor and common web technologies such as jQuery and Bootstrap. However, the site lacks HTTPS, which is a critical security deficiency. No privacy or cookie policies are present, and no contact emails or phone numbers are provided, limiting user engagement and compliance with data protection regulations. The overall security posture is weak, with no advanced security headers or protections implemented. Performance data is missing, but the site likely suffers from slow loading due to lack of optimization. The domain registration data aligns well with the website content and business location, indicating legitimacy. Strategic improvements in security, privacy compliance, and contact transparency are recommended to enhance trust and professionalism.

A

Allianz Elementar Versicherungs AG

allianz.at

0

Allianz Elementar Versicherungs AG operates a comprehensive insurance website targeting private customers in Austria, offering a wide range of insurance and financial products including vehicle, health, accident, and life insurance. The website demonstrates strong market positioning with extensive content, professional design, and consistent branding. Technically, the site is built on Adobe Experience Manager, leveraging Cloudflare for hosting and CDN services, and integrates modern marketing and analytics tools such as Adobe Analytics and OneTrust for GDPR compliance. However, a critical security issue is the absence of a valid SSL certificate and HTTPS support, significantly impacting the security posture. Privacy policies and cookie consent mechanisms are well implemented, reflecting good GDPR compliance. Overall, the site is trustworthy and professional but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

DXC Technology is a leading global IT services and consulting company that helps enterprises and public sector organizations modernize their IT infrastructure, optimize data architectures, and enhance security across cloud environments. The company offers a broad portfolio of services including cloud and infrastructure, consulting and engineering, insurance software and business process services, modern workplace solutions, and security services. The website reflects a mature enterprise with consistent branding, comprehensive content, and a global reach with multiple language and regional versions. Technically, the site is built on Adobe Experience Manager with modern marketing and analytics tools integrated, providing a good user experience and accessibility. However, the security posture is weakened by an invalid SSL certificate and lack of enabled TLS protocols, which poses a risk to secure communications. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site demonstrates high business credibility and professionalism but requires urgent remediation of SSL/TLS issues to improve security and trust.

E

Erste Asset Management

erste-am.com

0

Erste Asset Management operates as an international asset management company serving both institutional and private investors, primarily based in Austria. The website presents a professional and well-structured digital presence targeting these investor groups with clear navigation and relevant content. Technically, the site leverages a modular GEM framework hosted on AWS CloudFront CDN, ensuring scalability and modern web practices. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the security posture, despite the presence of several security headers and a strict DMARC policy. Privacy compliance is well addressed with clear privacy and cookie policies, and GDPR adherence is evident. Overall, while the business credibility and content quality are strong, the critical lack of HTTPS is a major risk that needs immediate remediation.

O

Omalon

trap.gr

0

Omalon is a Greek company specializing in landscaping, cleaning, asset care, and pest control services, targeting large-scale projects with a focus on sustainability and high standards. The company holds ISO 14001 certification, reflecting its commitment to environmental management. The website is built on WordPress using Elementor and various JetPlugins, hosted on SiteGround, and integrates Google Tag Manager and Analytics for marketing and tracking purposes. While the site is professionally designed and content-rich, it lacks a valid SSL certificate, which is a critical security vulnerability. Privacy and cookie policies are well implemented with consent mechanisms, and contact information is clearly provided. Overall, the business appears legitimate and moderately mature digitally but needs urgent security improvements to protect user data and enhance trust.

Ö

Österreichische Gesundheitskasse

sgkk.at

0

The Österreichische Gesundheitskasse (ÖGK) operates as a major public healthcare insurance provider in Austria, offering a broad range of health-related services to insured individuals, employers, and partners. The website serves as an information and service portal, providing access to appointment scheduling, customer service, health information, and career opportunities. The target audience primarily includes Austrian residents and healthcare stakeholders. The organization holds a strong market position as a government-affiliated entity with consistent branding and trust indicators such as official social media presence and comprehensive privacy policies. Technically, the website is built on a custom CMS likely based on Gentics Content Server, utilizing Jakarta Faces (JSF) framework and jQuery 3.6.0. It integrates Piwik PRO for analytics and employs a detailed Content Security Policy. However, the site currently lacks a valid SSL certificate and does not support HTTPS, which significantly impacts its security posture. Performance data is limited but suggests slower load times. Accessibility and SEO optimizations are well implemented. From a security perspective, the absence of HTTPS and modern TLS protocols is a critical vulnerability. While security headers like CSP and HSTS are present, the lack of a valid certificate and secure transport reduces overall security. No explicit incident response or vulnerability disclosure mechanisms are found. Privacy compliance is strong, with clear cookie consent and privacy policies aligned with GDPR. Overall, the website is professional and trustworthy in content and business credibility but requires urgent improvements in SSL/TLS implementation to enhance security and user trust. Strategic recommendations include immediate SSL certificate deployment, enabling modern TLS protocols, and enhancing security header configurations to protect user data and comply with best practices.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

U

United Nations Office on Drugs and Crime

unodc.org

0

The United Nations Office on Drugs and Crime (UNODC) operates as a key intergovernmental agency focused on combating illicit drugs, crime, corruption, and terrorism globally. It provides extensive research, policy guidance, and technical assistance to member states and partners, positioning itself as a leading authority in its domain. The website reflects a mature, well-branded digital presence with comprehensive content and multi-language support targeting governments, NGOs, researchers, and the public. Technically, the site uses a modern tech stack including Apache, AngularJS, Bootstrap, and Google Tag Manager, hosted on UN Vienna infrastructure. While the site is moderately performant and mobile-optimized, it lacks a valid SSL certificate and modern TLS support, which critically undermines its security posture. Security headers are well implemented, but the absence of HTTPS and session security features are significant vulnerabilities. From a security perspective, the site demonstrates good header policies but fails to provide encrypted transport, OCSP stapling, or session resumption. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism despite tracking scripts. Business credibility is high given the official UN affiliation and consistent WHOIS data. Overall, the site is authoritative and professional but requires urgent security improvements, especially SSL deployment, to ensure trust and compliance. Strategic recommendations include obtaining valid HTTPS certificates, enabling modern TLS protocols, implementing cookie consent, and enhancing incident response visibility.

T

TransPerfect

transperfect.com

0

TransPerfect is a leading global provider of translation and localization services, serving a wide range of industries including technology, healthcare, finance, retail, and media. The company operates an enterprise-grade website built on Drupal 10, featuring extensive content, client case studies, and multiple subsidiary domains. The technical infrastructure includes modern web technologies and CDN services, ensuring good performance and mobile optimization. However, the security posture is weakened by an invalid SSL certificate and lack of enabled TLS protocols, which poses a critical risk to secure communications. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website reflects a mature, professional enterprise with strong business credibility but requires urgent remediation of SSL/TLS issues to improve security and trust.

The website porreal.com is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) blocking page. This prevents access to any meaningful content or business information. The site lacks a valid SSL certificate and does not support HTTPS, which is a critical security deficiency. No privacy, cookie, or terms of service policies are present, and no contact or business details are available on the landing page. The technical infrastructure is limited to Cloudflare's security and hosting services, but the site suffers from very poor performance and no visible SEO or accessibility features. Overall, the security posture is weak due to missing SSL and security headers, and the site is effectively non-functional for analysis purposes.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

V

Valneva

valneva.com

0

Valneva is a specialty vaccine company focused on the development, manufacturing, and commercialization of prophylactic vaccines addressing infectious diseases with unmet medical needs. The company has a strong market position with multiple commercialized vaccines and a robust pipeline targeting diseases such as chikungunya, Lyme disease, Shigella, and Zika. The website reflects a professional corporate presence with comprehensive investor relations and media resources, targeting healthcare professionals, investors, and partners globally. Technically, the website is built on WordPress with modern SEO and marketing tools, including Google Tag Manager and social media integrations. However, the security posture is weakened by an invalid SSL certificate and lack of TLS protocol support, which poses significant risks to data confidentiality and user trust. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site is professional and credible but requires urgent remediation of SSL/TLS issues to improve security and trust.

N

NOVOMATIC AG

novomatic.com

0

NOVOMATIC AG is a leading global gaming technology company headquartered in Austria, founded in 1980. It operates as a full-service provider in the gaming industry, offering a broad portfolio including gaming cabinets, games, platforms, and additional products. The company has a strong market position as one of the largest gaming technology corporations worldwide and the clear market leader in Europe. The website reflects a professional corporate presence targeting industry partners, casino operators, and job seekers, with comprehensive contact information and multilingual support. Technically, the website is built on Drupal 10 CMS and leverages modern JavaScript libraries and analytics tools such as Matomo. It is hosted behind Sucuri Cloudproxy WAF, ensuring some level of protection. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap that significantly lowers the security posture. The site implements security headers and content security policies but must urgently address SSL/TLS configuration to protect user data and maintain trust. Privacy compliance is well addressed with GDPR-compliant privacy and cookie policies, including a consent mechanism. The company demonstrates business credibility through detailed contact information, licensing by the UK Gambling Commission, and consistent WHOIS data. Overall, the site is content-rich, professionally designed, and trustworthy but requires immediate security improvements regarding SSL/TLS. Strategic recommendations include obtaining and properly configuring SSL certificates, enabling modern TLS protocols, enhancing OCSP stapling and session resumption, and maintaining strong security header policies. These steps will improve security, user trust, and compliance with industry standards.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

F

Fischer Sports

fischersports.com

0

Fischer Sports is a well-established Austrian manufacturer and retailer specializing in premium alpine and nordic ski equipment as well as hockey sticks. The company has a strong market presence with a comprehensive product range targeting both professional athletes and recreational users. Their website demonstrates a high level of digital maturity, utilizing modern frameworks such as Nuxt.js and Shopware CMS, supported by Cloudflare for hosting and security. Despite the rich content and professional design, the absence of a valid SSL certificate and lack of HTTPS support represent significant security concerns. The site includes comprehensive privacy and cookie policies with consent mechanisms, reflecting good privacy compliance. However, direct contact information such as company emails or phone numbers is not prominently available, relying mainly on contact forms. Overall, the business appears legitimate and trustworthy, but urgent improvements in security infrastructure are recommended.

P

Projekt Kraft

projektkraft.at

0

Projekt Kraft is a European general contractor and project management company specializing in retail, hospitality, office, and e-mobility sectors. They provide comprehensive services including planning, design, construction, and facility management with a multilingual team and multiple office locations in Austria, Germany, and Italy. The website is professionally designed with rich content and clear navigation, targeting B2B clients seeking turnkey project solutions. Technically, the site runs on WordPress with modern plugins and tracking tools but suffers from a critical security issue due to the lack of a valid SSL certificate, impacting its security posture significantly. Privacy compliance is well addressed with clear cookie and privacy policies and consent mechanisms. Overall, the business demonstrates strong credibility and market presence but should urgently address SSL and TLS configuration to improve security and trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

D

Deutsche Handelskammer in Österreich (DHK)

dhk.at

0

The Deutsche Handelskammer in Österreich (DHK) is a well-established organization dedicated to fostering bilateral economic relations between Germany and Austria. The website presents a professional and comprehensive overview of their services, including business partner mediation, legal and tax consulting, environmental compliance, and event networking. Their market position is strong within the German-Austrian economic cooperation sector, supported by reputable partners and government affiliations. Technically, the site uses modern CMS and caching technologies, ensuring good user experience and accessibility. However, a critical security gap exists due to the absence of HTTPS, exposing users to potential risks. Privacy policies and cookie consent mechanisms are in place, reflecting GDPR compliance. Overall, the site is credible and professionally maintained but urgently requires SSL implementation to improve security posture.

P

pbbr | Sociedade de Advogados RL, Lda.

pbbr.pt

0

pbbr | Sociedade de Advogados RL, Lda. is a small full service law firm based in Lisbon, Portugal, established in 2006. The firm offers comprehensive legal advice and assistance with a national and international client base. Their website reflects a professional and consistent brand image, targeting clients seeking high-quality legal services. The firm maintains a presence on LinkedIn and provides newsletter subscriptions to engage clients and partners. Technically, the website uses a modern tech stack including nginx, PHP, Bootstrap, Google Tag Manager, and Cookiebot for consent management. The site is mobile optimized and SEO friendly, though performance metrics are unavailable. Hosting is managed via host-redirect.com DNS servers. However, the website lacks a valid SSL certificate, resulting in no proper HTTPS support, which is a significant security concern. Security posture is moderate with good use of security headers and content security policies, but the absence of valid SSL/TLS and modern TLS protocols severely undermines security. Privacy and cookie policies are present and GDPR compliant, with consent mechanisms implemented. Contact information is limited to forms, with no explicit emails or phone numbers displayed. Overall, the website is functional and professional but requires urgent remediation of SSL/TLS issues to improve security and trustworthiness. Strategic improvements in security and contact transparency will enhance the firm's digital maturity and client confidence.

N

Netural GmbH

netural.com

0

Netural GmbH is a mature and reputable digital services provider based in Austria, specializing in digital transformation, web and mobile app development, augmented reality, and eCommerce solutions primarily for B2B clients. The company has a strong market position supported by multiple industry awards and a professional online presence. Technically, the website uses modern web technologies and a CMS (Storyblok), with content optimized for mobile and SEO. However, the absence of a valid SSL certificate and HTTPS severely impacts the security posture, exposing users to risks. Privacy policies and cookie consent mechanisms are well implemented, indicating good GDPR compliance. Overall, the business credibility is high, but urgent security improvements are needed to protect data and enhance trust.

Haimer GmbH is a well-established German manufacturing company specializing in precision tool holding products and related services for the machining industry. With over 23 years of domain presence and a global workforce exceeding 800 employees, Haimer offers comprehensive solutions including tool management, calibration, and training. The website reflects a mature digital presence with extensive product catalogs, service offerings, and customer engagement channels. Technically, the site uses modern technologies such as Pimcore CMS, Google Analytics, and Cookiebot for consent management, ensuring a good user experience and compliance with privacy regulations. However, the absence of a valid SSL/TLS certificate significantly impacts the security posture, exposing users to risks and limiting trust. Security headers are properly configured, but the lack of HTTPS is a critical issue. Overall, the business credibility and privacy compliance are strong, but immediate remediation of SSL issues is recommended to enhance security and user trust.

B

Boyden

boyden.com

0

Boyden is a globally recognized leadership and talent advisory firm specializing in executive search, interim management, and leadership consulting services. The company operates through a broad international network with over 75 offices in more than 45 countries, serving a diverse range of industries and markets. Their website reflects a professional and comprehensive presentation of their services, targeting corporate clients seeking high-level talent solutions worldwide. Technically, the website employs standard web technologies including HTML5, CSS3, and jQuery. While the site is well-structured with good SEO and mobile optimization basics, performance data is unavailable. The absence of a valid SSL certificate and lack of modern TLS protocols represent significant technical and security shortcomings. Despite strong security headers and cookie consent mechanisms, the invalid SSL undermines overall security posture. From a security perspective, the site demonstrates awareness of best practices through implemented headers and cookie policies but critically fails in SSL deployment, exposing users to potential risks. No incident response or vulnerability disclosure information is provided, indicating gaps in security transparency and readiness. The WHOIS data supports the legitimacy of the domain and business identity, with no suspicious patterns detected. Overall, Boyden's website is professionally designed and content-rich, supporting its market position as a leading talent advisory firm. However, urgent remediation of SSL/TLS issues is necessary to ensure secure user interactions and maintain trust. Enhancements in security transparency and incident response communication would further strengthen their security posture and compliance.

S

STYRIA MEDIA GROUP

styria.com

0

STYRIA MEDIA GROUP is a large, established media company operating multiple brands primarily in Austria. The website serves as a digital presence for the group, showcasing its various media brands and services. The technical infrastructure includes a modern JavaScript framework (Vue.js) and uses Matomo for analytics, indicating a moderate level of digital maturity. However, the website lacks a valid SSL/TLS certificate, resulting in no HTTPS support, which is a significant security concern. The presence of a Content Security Policy in report-only mode and strict transport security headers shows some security awareness but incomplete implementation. Privacy compliance is well addressed with GDPR-compliant policies and consent management tools. Overall, the website is functional but requires urgent security improvements to protect user data and enhance trust.

L

Loacker Recycling: Entsorgung & Verwertung seit 1876

loacker.cc

0

Security assessment completed with an overall score of 0/100 (unknown risk). 4 critical issues require immediate attention. Total of 26 security findings identified across all modules.

U

Unisys

unisys.com

0

Unisys is a global technology solutions provider specializing in cloud, AI, digital workplace, logistics, and enterprise computing services. The company targets businesses and governments seeking advanced technology solutions to drive innovation and operational efficiency. Their website reflects a mature enterprise with consistent branding and a broad portfolio of services, including consulting and AI-driven transformation. Technically, the site uses modern marketing and analytics tools such as Google Tag Manager, Azure Application Insights, and Optimizely, hosted primarily on AWS infrastructure. However, the website suffers from critical security shortcomings, notably the absence of a valid SSL certificate and HTTPS support, which severely impacts its security posture. Additionally, no privacy or cookie policies were detected, indicating potential compliance gaps. Performance is suboptimal with a high load time, though the site is mobile-optimized and well-structured. Overall, the website demonstrates good business credibility but requires urgent security and privacy improvements to meet modern standards.

W

Warner Music Group

wmg.com

0

Warner Music Group (WMG) is a leading global music entertainment company specializing in recorded music, music publishing, and artist services. The website reflects WMG's position as a major player in the media and entertainment industry, targeting artists, songwriters, investors, and job seekers. The site features rich multimedia content, artist showcases, and corporate information, supporting its business model as a comprehensive music company. Technically, the site is built on WordPress with modern JavaScript libraries and hosted via WP Engine with Cloudflare CDN, indicating a mature digital infrastructure. However, performance metrics are lacking, and SSL/TLS configuration is critically deficient, exposing the site to security risks. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. Social media integration and investor relations presence enhance trust and transparency. Overall, the site is professional and content-rich but requires urgent security improvements to align with best practices.

The website integralgroup.com is currently inaccessible due to a Cloudflare security challenge page that requires human verification before access. This prevents any direct analysis of the actual business content or services offered. The domain is mature, registered since 2005, and protected with strong domain status flags, indicating a legitimate and stable registration. However, the lack of a valid SSL certificate and HTTPS support is a critical security deficiency. The technical infrastructure relies on Cloudflare for security and DNS services, but the website's performance is poor with a very slow load time. No business or contact information is publicly accessible on the landing page, limiting trust and credibility assessment. Overall, the site is currently in a blocked state, restricting comprehensive evaluation.

C

Canada Post

canadapost.ca

0

Canada Post is the national postal service provider in Canada, offering a wide range of mailing, shipping, money transfer, marketing, and e-commerce support services to individuals and businesses. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistency. Technically, the site uses modern frameworks such as Foundation and jQuery, along with advanced marketing and analytics tools including Adobe DTM, Google Analytics, and Qualtrics. However, a critical security issue is the invalid SSL certificate and lack of enabled TLS protocols, which significantly impacts the security posture. Privacy policies and cookie consent mechanisms are well implemented, supporting GDPR compliance. Overall, the site is professional and trustworthy but requires urgent remediation of SSL and TLS configurations to ensure secure user interactions.

V

Venionaire Capital

venionaire.com

0

Venionaire Capital is a medium-sized, globally active investment and advisory firm specializing in Private Equity and Venture Capital. The company offers a broad range of services including fund management, corporate finance, M&A, restructuring, and research products. It targets investors, entrepreneurs, and corporates, positioning itself as an entrepreneurial partner with a strong global footprint and multiple co-founded initiatives enhancing the investment ecosystem. The website content is professionally presented with clear navigation and rich service descriptions, reflecting a mature business model and market presence. Technically, the website is built on WordPress using the Enfold theme and integrates common technologies such as jQuery, Yoast SEO, and Google Analytics. However, the site suffers from critical security shortcomings, notably the absence of HTTPS and a valid SSL certificate, which severely impacts its security posture. Performance is slow, and while mobile optimization and SEO are good, accessibility is basic. Cookie consent mechanisms are present, but no explicit security or incident response policies are published. Security-wise, the lack of HTTPS and modern TLS protocols is a major vulnerability, exposing users to data interception risks. No advanced security headers or certificate transparency measures are implemented. The WHOIS data is consistent with the business claims, showing no suspicious patterns. Overall, the site demonstrates good business credibility but requires urgent security improvements to protect user data and enhance trust. Strategically, Venionaire Capital should prioritize obtaining and configuring a valid SSL certificate, enabling HTTPS, and implementing modern security headers and protocols. Enhancing privacy and incident response disclosures would also improve compliance and user confidence. These steps will strengthen the company's digital maturity and reduce risk exposure.

The website for parkhyattvienna.com represents a luxury hospitality business under the Hyatt Hotels Corporation umbrella, targeting affluent travelers seeking premium accommodation and services in Vienna, Austria. However, the website content is extremely minimal, lacking essential information such as privacy policies, contact details, and business descriptions. The technical infrastructure shows use of JavaScript and hosting via Amazon CloudFront, but no modern CMS or frameworks are detected. Performance and SEO optimization are poor due to the lack of content and metadata. From a security perspective, the site lacks a valid SSL/TLS certificate, resulting in no HTTPS support, which is a critical vulnerability for any modern website, especially in hospitality where customer trust is paramount. Security headers are minimal, and no advanced security practices are implemented. There is no evidence of GDPR compliance or cookie consent mechanisms, which could expose the business to regulatory risks. Overall, the website presents a high risk due to its poor security posture, lack of compliance documentation, and minimal content quality. Strategic improvements are necessary to enhance trust, security, and user experience to align with the expectations of a luxury hospitality brand.

The website osram-continental.com currently serves as a parked domain with a prominent banner indicating it is for sale. There is no active business content, company description, or contact information beyond a sales phone number. The embedded iframe references automotive lighting technology keywords, suggesting the domain may have been intended for or associated with automotive lighting products or services, but no direct business operations are evident on the site. Technically, the site uses basic HTML, CSS, and JavaScript with Google Adsense for monetization. The hosting appears to be on DigitalOcean based on IP addresses. Performance is slow with a high load time and minimal content size. Security posture is weak due to the absence of a valid SSL certificate, no HTTPS support, and lack of security headers or DNS security features. Privacy compliance is minimal with only a basic privacy policy page and no cookie consent mechanism. Overall, the site lacks professionalism and trust indicators, making it unsuitable for business or customer engagement in its current state.

S

Seco Tools

secotools.com

0

Seco Tools is a leading global manufacturer and provider of metal cutting solutions and tooling systems, positioned as one of the largest tooling companies worldwide. The website reflects a mature enterprise with a broad international market presence, supporting multiple languages and regional markets. Technically, the site is hosted on Microsoft Azure using IIS and ASP.NET technologies, with integrations for analytics and marketing tools such as Google Analytics, OneTrust, and BrightEdge. However, the absence of a valid SSL certificate and HTTPS support is a critical security shortfall, exposing users to potential risks and undermining trust. The security posture is further weakened by permissive Content Security Policy settings and incomplete HSTS implementation. Privacy compliance is partially addressed through cookie consent mechanisms, but the lack of a visible privacy policy and contact information limits transparency. Overall, the site demonstrates good business credibility and technical maturity but requires urgent improvements in security and privacy compliance to align with best practices and regulatory expectations.

R

Renesas Electronics Corporation

dialog-semiconductor.com

0

Renesas Electronics Corporation is a global leader in microcontrollers, analog, power, and SoC products, delivering embedded design innovation for a wide range of industries. The company targets embedded systems developers and technology companies with a comprehensive portfolio of semiconductor products and design resources. The website reflects a mature, enterprise-level business with a strong market position and extensive product offerings. Technically, the website is built on Drupal 10, hosted behind Cloudflare, and utilizes modern web technologies including Google Tag Manager and New Relic for monitoring. The site is well-structured, mobile-optimized, and SEO-friendly, providing a professional user experience. However, the absence of a valid SSL certificate and incomplete security configurations represent significant security concerns. From a security perspective, while several security headers are implemented, the lack of HTTPS and TLS support critically undermines the site's security posture. No explicit incident response or security policy pages were found, and cookie consent mechanisms are absent despite GDPR compliance indications. The domain is mature and registered with a reputable registrar, consistent with the company's profile. Overall, the site is professionally maintained with strong business credibility but requires urgent improvements in SSL/TLS deployment and privacy compliance mechanisms to enhance security and user trust.

D

DO & CO – KULINARISCHE GENÜSSE AUF JEDEM BANKETT UND IN DER LUFT

doco.com

0

Security assessment completed with an overall score of 0/100 (unknown risk). 4 critical issues require immediate attention. Total of 30 security findings identified across all modules.

C

Capri-Sun

capri-sun.com

0

Capri-Sun is a well-established global beverage brand with a multilingual website targeting consumers across many countries. The website provides localized content but lacks visible privacy, cookie, or terms of service policies on the homepage. Technically, the site uses Cloudflare for hosting and CDN services and implements Google Tag Manager for analytics and marketing. However, the site lacks a valid SSL certificate and does not enforce HTTPS, which is a significant security concern. Security headers are partially implemented but HSTS is disabled, and no advanced TLS protocols are enabled. No contact information or forms are present on the homepage, limiting direct user engagement and transparency. Overall, the website demonstrates moderate digital maturity but requires urgent improvements in security and privacy compliance to meet modern standards.

C

Casinos Austria AG

casinos.at

0

Casinos Austria AG operates a comprehensive network of casinos across Austria, providing a wide range of gaming options including poker, slot machines, and table games, complemented by hospitality services such as restaurants and event locations. The website serves as the official digital presence, targeting casino visitors and players with detailed information on locations, events, membership benefits, and promotional packages. The company holds a strong market position as a leading casino operator in Austria, supported by consistent branding and trust indicators such as recognized certifications and responsible gaming initiatives. Technically, the website is built on TYPO3 CMS and employs modern web technologies including JavaScript and SVG graphics. It integrates multiple analytics and marketing tools with user consent mechanisms, ensuring good digital maturity. The site is mobile-optimized and accessible, with good SEO practices and clear navigation enhancing user experience. From a security perspective, while the site implements several important security headers and content security policies, it currently lacks a valid SSL certificate and does not support modern TLS protocols, significantly weakening its security posture. This exposes the site to risks related to unencrypted traffic and potential interception. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. The presence of a responsible disclosure page indicates a proactive approach to vulnerability management. Overall, the site is professional and trustworthy but requires urgent improvements in SSL/TLS configuration to secure user data and maintain trust. Strategic recommendations include obtaining a valid SSL certificate, enabling TLS 1.2 or higher, and fully activating HSTS. These steps will enhance security, compliance, and user confidence, supporting the company’s strong market presence and digital strategy.