High-risk security reports

W

wikifolio Financial Technologies AG

wikifolio.com

0

wikifolio Financial Technologies AG operates a sophisticated online investment platform focused on European stocks and social trading. The platform enables investors worldwide to access trading ideas, create virtual portfolios, and invest in wikifolio certificates listed on stock exchanges in Germany, Austria, and Switzerland. The company is well-positioned in the European finance sector with a medium-sized operation and a strong brand presence supported by partnerships and positive testimonials. Technically, the website leverages modern web technologies including React, Next.js, and Chakra UI, hosted on Azure infrastructure with CDN support for performance. The site is well-optimized for SEO, accessibility, and mobile responsiveness, providing a professional user experience. From a security perspective, the site currently lacks a valid SSL certificate and does not support modern TLS protocols, which is a critical vulnerability. Security headers are partially implemented but key features like HSTS and OCSP stapling are missing. Privacy compliance is strong with comprehensive policies and clear contact information, but incident response and security policy disclosures are absent. Overall, the website presents a trustworthy and professional business front but requires urgent improvements in SSL/TLS security to protect user data and maintain trust. Strategic recommendations include immediate SSL certificate installation, enabling TLS 1.2+, and enhancing security headers and incident response readiness.

SIGEL is a medium-sized manufacturing company specializing in innovative office equipment and smart procurement solutions tailored for modern, agile work environments. The company positions itself as a trusted partner for businesses seeking high-quality office products, supported by multiple international design awards and ISO certification. The website is professionally designed using Drupal 11, with strong SEO, accessibility, and multi-language support, reflecting a mature digital presence. However, the absence of a valid SSL certificate and HTTPS implementation significantly undermines the site's security posture. While security headers and cookie consent mechanisms are well implemented, the lack of incident response and vulnerability disclosure policies indicates room for improvement in security governance. Overall, the website is trustworthy and professional but requires urgent remediation of its SSL/TLS configuration to ensure secure user interactions.

P

Pankl SHW Industries AG

pankl.com

0

Pankl SHW Industries AG operates as a leading Austrian manufacturing group specializing in high-technology mechanical systems for niche markets including motorsport, luxury automotive, and aerospace. The company is majority-owned by Pierer Industrie AG and maintains a strong international presence with 21 locations and over 4,200 employees. Their product portfolio spans engine and turbo systems, drivetrain components, forged parts, aerospace components, and advanced powder metallurgy products. The website reflects a professional corporate identity with comprehensive content and clear navigation, targeting industrial clients and partners. Technically, the site is built on WordPress with modern plugins and frameworks, optimized for SEO and mobile use. However, the absence of a valid SSL certificate and HTTPS implementation significantly weakens the security posture, exposing users to potential risks. Privacy and cookie policies are well implemented, indicating GDPR compliance. The domain registration is mature and consistent with the business claims, enhancing trustworthiness. Strategic security improvements are recommended to elevate the site's protection and user trust.

S

Spanische Hofreitschule & Lipizzanergestüt Piber

srs.at

0

The website for Spanische Hofreitschule & Lipizzanergestüt Piber represents a well-established cultural institution in Austria focused on classical horse riding performances and heritage preservation. It offers rich content about its services, events, and visitor information, targeting tourists and cultural enthusiasts. The site uses modern CMS technology (Craft CMS) and integrates privacy-compliant analytics and cookie consent mechanisms. However, the lack of a valid SSL certificate and HTTPS severely impacts its security posture. While security headers are partially implemented, the absence of encryption exposes users to risks. The business information is clear and consistent with WHOIS data, supporting legitimacy. Overall, the site is professionally designed and user-friendly but requires urgent security improvements to protect visitors and enhance trust.

E

EVN

evn.at

0

EVN is a large Austrian energy provider specializing in electricity, gas, heating, water, photovoltaic solutions, and e-mobility services. The website targets private customers, businesses, agriculture, and municipalities, offering a comprehensive range of energy-related products and services. The company maintains a professional and consistent online presence with clear navigation and rich content. Technically, the site uses Kentico CMS, Cloudflare CDN, and integrates analytics tools like eTracker and Microsoft Application Insights. However, the security posture is weak due to the absence of a valid SSL certificate and disabled TLS protocols, which critically impacts secure communications. Privacy and cookie policies are present and GDPR compliant, with a consent mechanism implemented. Overall, the site is trustworthy and professional but requires urgent improvements in SSL/TLS configuration to ensure user security.

S

Svenska Cellulosa Aktiebolaget SCA (publ)

sca.com

0

SCA (Svenska Cellulosa Aktiebolaget) is a large enterprise operating primarily in the forestry, energy, and logistics sectors, with a strong focus on sustainability and renewable resources. The company manages Europe's largest private forest holdings and offers a comprehensive value chain including forest services, wood products, containerboard, renewable energy, pulp, and logistics. The website is professionally designed, content-rich, and well-structured, targeting stakeholders such as forest owners, investors, customers, and job seekers. Technically, the site uses modern JavaScript modules, SVG graphics, and is hosted behind Cloudflare, but lacks a valid SSL certificate, resulting in no HTTPS support which is a critical security concern. Privacy and cookie policies are present and indicate GDPR compliance, and the site uses Piwik PRO for analytics with moderate user tracking. The security posture is weak due to the absence of HTTPS and modern TLS protocols, no HSTS, and no OCSP stapling. Overall, the site is trustworthy and professional but requires urgent security improvements to protect user data and enhance trust.

I

IBT Connecting Energies GmbH

ibtgroup.at

0

IBT Connecting Energies GmbH is a medium-sized energy sector company specializing in high-efficiency cogeneration and trigeneration solutions for industrial clients. The company has a strong market position in Italy and Europe, supported by strategic partnerships with technology leaders such as Capstone Green Energy and Century Corporation. Their business model focuses on B2B energy efficiency projects, including consulting, implementation, maintenance, and investment services. The website reflects a professional digital presence with comprehensive content and clear navigation, targeting industrial customers seeking sustainable energy solutions. Technically, the site is built on WordPress with modern plugins and SEO tools, hosted likely on SiteGround. However, the lack of a valid SSL certificate and HTTPS implementation is a critical security gap. Privacy and cookie policies are well implemented and GDPR compliant, enhancing user trust. Social media integration and partner logos further strengthen credibility. Overall, the site demonstrates good digital maturity but requires urgent security improvements to protect user data and maintain trust.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 9 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

P

Polymer Competence Center Leoben GmbH

pccl.at

0

The Polymer Competence Center Leoben GmbH (PCCL) is a leading Austrian research institution specializing in polymer technology and polymer sciences. It collaborates closely with industry partners and academic institutions to deliver innovative R&D projects across sectors such as automotive, aerospace, packaging, and renewable energy. The website reflects a mature organization with a clear focus on cooperative research and sustainable polymer solutions. Technically, the site is built on Joomla CMS with a variety of extensions and frameworks, but suffers from critical security shortcomings, notably the absence of a valid SSL certificate and HTTPS support. This significantly impacts the security posture and user trust. Privacy and compliance documentation is well maintained, including GDPR-compliant privacy policies and incident reporting mechanisms. Overall, the site is professional and content-rich but requires urgent improvements in security infrastructure to align with best practices and user expectations.

Z

ZKW Group

zkw-group.com

0

ZKW Group is a leading global supplier specializing in innovative premium lighting systems and electronics for the automotive industry. The company positions itself as a strategic partner to automotive manufacturers worldwide, focusing on delivering advanced lighting solutions. The website reflects a professional corporate presence with multilingual support and strong branding aligned with its parent company, LG. Technically, the site is built on WordPress with modern plugins such as Elementor and Yoast SEO, hosted on WP Engine with Google Cloud infrastructure. However, a critical security gap exists due to the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly undermines the site's security posture. The site implements cookie consent mechanisms compliant with GDPR via Usercentrics, but lacks visible contact information and detailed security or incident response policies. Overall, while the business and technical maturity are solid, urgent remediation of SSL/TLS issues is necessary to ensure secure user interactions and maintain trust.

J

Jungheinrich AG

jungheinrich.com

0

Jungheinrich AG is a globally leading company in the intralogistics sector, headquartered in Hamburg, Germany. The company specializes in manufacturing industrial trucks, warehouse and material flow technology, and providing logistics services. The website reflects a mature enterprise with a strong market position and comprehensive service offerings targeting businesses requiring intralogistics solutions. Technically, the website employs modern web technologies including Vue.js, CoreMedia CMS, and integrates multiple marketing and analytics tools such as Google Tag Manager, Marketo, and Cookiebot. However, a critical security issue is present due to an invalid SSL certificate and lack of enabled TLS protocols, which significantly impacts the site's security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site is professionally designed, content-rich, and trustworthy but requires urgent remediation of SSL/TLS issues to ensure secure user interactions.

A

American Superconductor

amsc.com

0

American Superconductor (AMSC) is a medium-sized US-based technology company specializing in advanced power electronics and superconductor systems that support smarter, cleaner energy solutions globally. The company serves energy utilities, renewable energy developers, and marine power sectors, positioning itself as a key player in the energy technology market with NASDAQ listing and a global footprint. The website reflects a professional digital presence with clear business descriptions, investor relations, and product offerings focused on grid and renewable energy solutions. Technically, the site is built on WordPress with modern JavaScript libraries and frameworks, hosted on Pantheon, and optimized for mobile users. However, performance is moderate and accessibility is basic. Security posture is weak due to the absence of a valid SSL certificate and lack of HTTPS, exposing the site to risks and reducing trust. Privacy compliance is well addressed with comprehensive privacy and cookie policies. Overall, the site is credible but requires urgent security improvements to protect users and enhance trust.

S

Sanitär-Heinze GmbH & Co. KG

sanitaer-heinze.com

0

Sanitär-Heinze GmbH & Co. KG operates as a specialized wholesale and service provider in the sanitary, heating, ventilation, and renewable energy sectors primarily serving professional customers in Germany. The company offers a broad portfolio including bathroom products, heating systems, ventilation solutions, and 3D bathroom planning services. Their market position is that of an established regional player with a consistent brand presence and multiple product lines. Technically, the website is built on the Pimcore CMS platform, leveraging modern JavaScript libraries and Google analytics tools, with a professional design and good navigation. However, the absence of a valid SSL certificate and HTTPS support is a critical security flaw that significantly impacts the security posture. Cookie consent is implemented properly, and privacy policies are comprehensive and GDPR compliant. Overall, the website demonstrates moderate digital maturity but requires urgent security improvements to protect user data and enhance trust.

A

Arbonia AG

arbonia.com

0

Arbonia AG is a large Swiss manufacturing company specializing in interior architectural products such as doors, showers, and room partition systems. The company operates through 15 specialized subsidiaries producing in Central Europe and serves architects, interior designers, and construction industry professionals globally. The website is built on TYPO3 CMS and features a modern design with good navigation and mobile optimization. It includes a GDPR-compliant cookie consent mechanism and links to comprehensive privacy policies. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which significantly impacts its security posture. Security headers are well configured, but the absence of TLS protocols and OCSP stapling are notable vulnerabilities. Contact information is present but lacks direct emails or phone numbers on the site. Social media presence is active on YouTube, Instagram, and LinkedIn. Overall, the website is professional and trustworthy but requires urgent improvements in SSL/TLS implementation to enhance security and user trust.

F

FRIEDEN Informatik GmbH

steinringer.com

0

FRIEDEN Informatik GmbH is a specialized IT and software company serving the Austrian residential construction sector, offering consulting, custom software solutions, and IT support. The company is a subsidiary of the Wohnbaugenossenschaft FRIEDEN, leveraging over 25 years of industry experience to provide tailored IT services to housing cooperatives, property managers, and real estate developers. The website content is professionally presented, targeting a German-speaking audience primarily in Austria. Technically, the site is built on WordPress with modern frameworks like Bootstrap and uses advanced cookie consent management to comply with GDPR. However, the SSL/TLS configuration is currently invalid, which poses a significant security risk and undermines trust. Security headers are partially implemented, but critical protections like a valid HTTPS certificate and XSS protection are missing. The domain steinringer.com shows inconsistent DNS and SSL data, suggesting it may not be the primary domain for the website content, which is hosted on frieden-informatik.at. Overall, the business demonstrates strong market positioning and privacy compliance but requires urgent improvements in SSL security and domain configuration to enhance trust and security posture.

The domain humai.tech is registered to Partium Technologies GmbH, an Austrian technology company founded in 2017. Currently, the website is suspended due to ICANN verification requirements, and no active business content or services are available on the site. The domain is mature with 8 years of registration history, but the suspension indicates administrative compliance issues rather than technical or security problems. The hosting provider is Host Europe GmbH, and the site runs on a legacy Microsoft IIS and ASP.NET 4.0 stack. From a technical perspective, the website lacks HTTPS support, has no valid SSL certificate, and does not implement modern security headers or DNSSEC. Performance metrics are unavailable, and the site shows poor mobile optimization and accessibility. No privacy, cookie, or terms of service policies are present, and no analytics or advertising technologies are detected. Contact information is limited to Host Europe support details and a form to resend verification emails. Security posture is weak due to the absence of HTTPS and domain protection locks, increasing risk exposure. The domain registration is consistent and legitimate, but the lack of domain locks and the suspension status reduce trustworthiness. Overall, the website is non-operational and presents significant compliance and security gaps. Strategic recommendations include obtaining a valid SSL certificate to enable HTTPS, completing ICANN verification promptly, implementing domain protection locks, adding privacy and cookie policies, and improving technical infrastructure to modern standards to restore trust and operational status.

The domain parker.com appears to represent a large manufacturing business, likely Parker Hannifin or a related entity, based on DNS and domain data. However, the website content is currently inaccessible due to an access denial page, likely caused by a Web Application Firewall or other security mechanism. This prevents direct analysis of business content, policies, or contact information. The technical infrastructure includes Akamai CDN services and multiple MX mail servers, indicating enterprise-grade hosting and email setup. Security posture is weak on the web server side, with no valid SSL certificate or HTTPS support detected, which is a critical issue. The domain's DNS and WHOIS data show a consistent and legitimate registration with appropriate email security policies such as DMARC with reject policy and reporting enabled. Overall, the site is currently not accessible for normal users, limiting content and privacy compliance analysis.

E

EGLO FINLAND OY

eglo.com

0

EGLO FINLAND OY operates as a major player in the global lighting manufacturing and retail sector, offering a wide range of lighting and home decor products through a multilingual e-commerce platform. The company is well-established with a domain age of 27 years and a strong market presence supported by a global network of sales entities. The website is professionally designed, user-friendly, and targets consumers and retailers seeking lighting solutions. Technically, the site leverages Magento Commerce with modern JavaScript frameworks and integrates multiple marketing and analytics tools, reflecting a mature digital infrastructure. However, the absence of a valid SSL certificate and disabled TLS protocols represent significant security weaknesses that undermine the site's security posture. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the business is credible and trustworthy, but urgent security improvements are recommended to protect user data and enhance trust.

G

Global Blue

globalblue.com

0

Global Blue operates as a provider of tax-free shopping solutions and related financial services targeting international shoppers and retailers. The website serves as an informational and service platform, primarily implemented as a modern Angular single-page application. However, the site currently lacks visible content beyond the SPA shell, with no accessible privacy, cookie, or terms of service policies, and no contact information available in the HTML content. Technically, the site uses Varnish caching and modern JavaScript frameworks but suffers from poor SSL/TLS configuration, lacking a valid certificate and HTTPS support, which severely impacts security and trustworthiness. Security headers are minimal, and no vulnerability disclosure or incident response information is published. Overall, the website's security posture is weak, and privacy compliance is poor, which could expose the business to risks and reduce user trust.

S

Smarter Ecommerce GmbH

smarter-ecommerce.com

0

Smarter Ecommerce GmbH is an established Austrian company founded in 2007, specializing in AI-powered PPC campaign management software and expert consulting services tailored for ecommerce businesses. The company holds reputable certifications such as Google Premier Partner and Microsoft Advertising Elite Partner, positioning itself as a trusted player in the ecommerce marketing technology sector. Their offerings focus on Performance Max optimization, Google Ads management, and comparison shopping services, targeting ecommerce clients seeking to maximize advertising ROI. Technically, the website leverages modern web technologies including Bootstrap, GSAP, and Storyblok CMS, hosted behind Cloudflare CDN. The site implements a consent management platform (Usercentrics) and integrates multiple analytics and tracking tools such as Google Analytics, Hotjar, and Microsoft Clarity, reflecting a mature digital marketing infrastructure. Mobile optimization and SEO practices are well addressed, although performance metrics are not explicitly available. From a security perspective, the site lacks a valid SSL certificate, which is a critical vulnerability impacting user trust and data protection. While some security headers are present, important enhancements such as DNSSEC, CAA records, and full HSTS implementation are missing. No explicit security or incident response policies are published, and no vulnerability disclosure mechanisms are evident. Privacy compliance is well managed through a comprehensive privacy policy and cookie consent mechanism. Overall, the website demonstrates strong business credibility and digital maturity but requires urgent remediation of SSL/TLS issues and security hardening to ensure secure user interactions and compliance with best practices.

P

Pümpel

puempel.at

0

Pümpel is a well-established construction materials and services company based in Vorarlberg, Austria, with over 90 years of experience. The company serves both private and commercial customers, offering a wide range of products including wood, windows, doors, tools, and garden supplies, alongside services such as consultation, delivery, custom cutting, and professional installation. Their market position is strong regionally, supported by certifications and a professional online presence. Technically, the website is built on WordPress with a modern frontend stack including Bootstrap and jQuery, but it lacks HTTPS and uses an outdated PHP version, which poses security risks. The security posture is weak due to missing SSL and security headers, although SPF and DMARC email protections are in place. Privacy compliance is basic with cookie consent and privacy information available, but no dedicated security or incident response policies are found. Overall, the website is functional and professional but requires urgent security improvements to protect user data and enhance trust.

H

Hypo Tirol Bank AG

hypotirol.com

0

Hypo Tirol Bank AG operates as a digital regional bank in Austria, primarily serving private and corporate clients in Tirol and Vienna. The website presents a comprehensive portfolio of banking products including accounts, cards, savings, investments, loans, and insurance services. The bank emphasizes personal service combined with digital convenience, targeting a broad customer base from individuals to public institutions. The site is professionally designed with clear navigation and localized German content, reflecting a mature digital presence. Technically, the site is built on WordPress with modern plugins and integrates marketing and tracking tools such as Google Tag Manager and Adrom.net. However, the website currently lacks a valid SSL/TLS certificate, resulting in no HTTPS support, which is a critical security vulnerability. Other security best practices such as security headers and HSTS are also missing. Privacy compliance is well addressed with a comprehensive privacy and cookie policy and an active consent mechanism. Overall, while the business and content aspects are strong, the security posture requires urgent improvement to protect user data and maintain trust.

B

brandingpark GmbH

brandingpark.at

0

brandingpark GmbH is an established Austrian company specializing in event branding and event logistics since 2006. The company offers comprehensive services including event creation, management, logistics, and consulting, targeting event organizers and promotional businesses primarily in Austria. The website reflects a professional business with clear service offerings and multiple office locations in Graz and Vienna. Technically, the site is built on the Wix platform utilizing modern web technologies such as React 18 and Wix Pro Gallery, but suffers from slow performance and lacks a valid SSL certificate, which is a critical security concern. The absence of HTTPS and security headers exposes the site to potential risks and undermines user trust. Privacy compliance is minimal, with no evident cookie consent mechanisms, though a basic privacy policy and terms of service are present. Overall, the business appears credible and trustworthy, but the technical and security posture requires significant improvement to meet modern standards.

TDK Corporation is a leading global manufacturer of electronic components and devices, specializing in high magnetics technology. The company maintains a strong market position with a comprehensive corporate website offering detailed information on its business, sustainability efforts, investor relations, and career opportunities. The website is professionally designed, multilingual, and targets investors, customers, and job seekers worldwide. Technically, the site is built on Drupal CMS with modern JavaScript libraries such as jQuery, Swiper.js, and GSAP, but suffers from slow load times and lacks a valid SSL certificate, which is a critical security concern. Security posture is weak due to missing HTTPS and security headers, though privacy and cookie policies are present with consent mechanisms, indicating good privacy compliance. Overall, the site is trustworthy and professional but requires urgent security improvements to protect user data and enhance trust.

T

TCI Consult GmbH

tciconsult.eu

0

TCI Consult GmbH is a specialized consulting firm with over 30 years of experience focusing on corporate management, banking control, business intelligence, and cybersecurity. The company operates primarily in Austria and Germany, targeting sectors such as finance, public services, telecommunications, and manufacturing. Their services include data warehousing consulting, cybersecurity assessments, and compliance support for EU regulations like NIS 2 and DORA. Technically, the website employs modern JavaScript libraries and frameworks such as jQuery and Foundation, with analytics powered by Google Analytics and Piwik/Matomo. However, the site suffers from a critical security flaw due to an invalid SSL certificate, resulting in no HTTPS protection. This significantly impacts the security posture and trustworthiness of the site. Privacy compliance is partially addressed through Cookiebot consent mechanisms and a privacy policy located on the impressum page, but lacks comprehensive GDPR indicators. Overall, the website presents professional content and consistent branding but requires urgent security improvements to meet modern standards.

UniCredit Bank Austria AG operates as a major financial institution in Austria, providing a wide range of banking services including retail, corporate, and private banking. The website targets private customers, corporate clients, and private banking customers with comprehensive offerings such as accounts, credit cards, loans, insurance, and investment products. The bank is part of the UniCredit Group, indicating a strong market position and enterprise scale. The website is professionally designed with consistent branding and rich content, supporting a high level of user engagement and trust. Technically, the website employs modern JavaScript libraries and third-party services such as Tag Commander for tag management and Genesys for customer service. Hosting is supported by Akamai CDN infrastructure, enhancing availability and performance. However, the site suffers from slow load times and lacks a valid SSL certificate, which is a critical security flaw for a banking website. Accessibility and SEO optimizations are well implemented, and mobile responsiveness is good. Security posture is weak due to the absence of HTTPS, missing security headers, and no HSTS policy. While no immediate vulnerabilities are detected, these gaps expose the site to risks and reduce user trust. Privacy compliance is strong with clear privacy and cookie policies, GDPR adherence, and consent mechanisms in place. Business credibility is high, supported by certifications and transparent legal information. Overall, the site is a professional and comprehensive banking portal but requires urgent security improvements, especially SSL/TLS implementation, to meet industry standards and protect user data effectively.

The domain bspotted.net currently serves no active website content and instead displays a Heroku error page indicating 'No such app'. This suggests the website is inactive or decommissioned. There is no business information, metadata, or user-facing content available to analyze. The DNS records show multiple A records and Google MX records, indicating email services are configured, but no SSL certificate is present, and the site is served over HTTP only. The hosting provider is Heroku, but the lack of a valid SSL certificate and security headers indicates a poor security posture. Overall, the site is not accessible for normal users and lacks any privacy or compliance policies, contact information, or business credibility indicators.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

O

Oper Graz

oper-graz.com

0

Oper Graz is a well-established cultural institution based in Austria, specializing in opera, ballet, concerts, and related performing arts. The website serves as a portal for event information, ticket sales, and community engagement, targeting a broad audience including families, youth, and cultural enthusiasts. The business model revolves around live event performances and ticketing services, supported by partnerships with regional theater organizations. Technically, the site is built on WordPress with a multilingual setup and uses common plugins for SEO, forms, and interactive content. However, the absence of a valid SSL certificate and HTTPS severely impacts the site's security posture. While the site demonstrates good content quality, accessibility, and SEO practices, the lack of modern security protocols and headers exposes it to risks. Privacy compliance is addressed with clear policies and cookie consent mechanisms. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

H

Holcim

lafargeholcim.com

0

Holcim is a globally recognized enterprise specializing in innovative and sustainable building materials and solutions. The company positions itself as a leader in decarbonizing construction with a broad portfolio including low-carbon cement, concrete, roofing, and insulation products. Their website reflects a mature, well-established business with a strong emphasis on sustainability, innovation, and corporate responsibility. The target audience includes construction professionals, architects, investors, and sustainability advocates worldwide. Technically, the site is built on Drupal CMS, hosted on AWS infrastructure, and employs modern web technologies and SEO best practices. However, a critical security gap exists due to the absence of HTTPS/SSL, which severely impacts the site's security posture. While security headers are properly configured, the lack of encryption exposes users to risks. Privacy and cookie policies are comprehensive and GDPR compliant, indicating good privacy governance. Overall, the website is professional and trustworthy but requires urgent security improvements to protect user data and maintain credibility.

V

VTU Top GmbH

vtu.com

0

VTU Top GmbH is a medium-sized Austrian engineering company specializing in the planning and implementation of modern, sustainable process plants primarily serving the Life Sciences, Chemistry, and Process Industry sectors. The company offers a broad range of services including general planning (EPCMv), process engineering, electrical engineering, automation, GMP services, and manufacturing science & technology. The website is built on TYPO3 CMS with modern frontend technologies and provides comprehensive business and contact information, including a contact form and social media presence on LinkedIn. However, the site currently lacks a valid SSL certificate and HTTPS support, which is a critical security vulnerability. Privacy and cookie policies are well implemented with a consent mechanism, reflecting good GDPR compliance. Overall, the website presents a professional image but requires urgent security improvements to protect user data and enhance trust.

S

Speedinvest

speedinvest.com

0

Speedinvest is a well-established European venture capital firm focused on funding early-stage technology startups across multiple sectors including deep tech, fintech, health, climate tech, marketplaces, and SaaS. With over €1 billion under management, the company provides not only capital but also hands-on support and access to a broad network of founders and industry experts. The website reflects a professional and comprehensive digital presence, targeting founders and startups seeking early-stage investment and growth support. Technically, the site is built on Webflow and hosted via Cloudflare, leveraging modern JavaScript libraries such as GSAP and jQuery for enhanced user experience. However, the site suffers from critical security shortcomings, notably the absence of a valid SSL certificate and HTTPS, which severely impacts its security posture and trustworthiness. Cookie consent is managed effectively via Cookiebot, ensuring GDPR compliance and transparency in data collection practices. Overall, while the business model and content quality are strong, the lack of HTTPS and security headers represents a significant risk that should be addressed promptly.

Alukoenigstahl appears to be a manufacturing company specializing in steel or metal products, operating primarily in Austria. The root domain alukoenigstahl.com serves only as a redirect to the main website hosted at alukoenigstahl.at, indicating a possible multi-domain strategy or regional targeting. The website infrastructure is based on Microsoft IIS and ASP.NET technologies, but the root domain lacks meaningful content and does not have an SSL certificate installed, exposing it to security risks and reducing user trust. DNS and email configurations are properly set up with SPF and DMARC policies, indicating some level of email security awareness. However, the absence of HTTPS and minimal website content significantly impact the overall digital maturity and security posture.

P

PageGroup

page.com

0

PageGroup is a well-established global recruitment consultancy operating since 1976 with a strong market position and multiple specialist brands. The website reflects a professional corporate presence with comprehensive content targeting job seekers, employers, and investors. Technically, the site uses a mature Drupal CMS platform with modern front-end libraries and integrates multiple analytics and marketing tools. However, the security posture is weakened by the absence of a valid SSL certificate and disabled TLS protocols, which critically impact secure communications. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is trustworthy but requires urgent security improvements to protect user data and maintain credibility.

B

BECOM Electronics GmbH

becom.at

0

BECOM Electronics GmbH is a medium-sized Austrian company specializing in electronic manufacturing services (EMS) and embedded solutions, serving industries such as automotive, medical technology, and industrial electronics. The company operates internationally with subsidiaries in Germany, Hungary, China, and the USA, positioning itself as a reliable partner for end-to-end electronic product development and production. Their website reflects a professional and comprehensive digital presence with detailed service offerings and strong branding consistency. Technically, the website is built on TYPO3 CMS and hosted likely via Kabelplus infrastructure. It features modern web design, good mobile optimization, and accessibility. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap, despite the presence of some security headers and HSTS configuration. The site uses Google Analytics for user tracking and implements a cookie consent mechanism aligned with GDPR requirements. From a security perspective, the lack of HTTPS and TLS support significantly lowers the security posture, exposing users to potential risks. The DNS configuration is mostly sound but lacks DMARC and DNSSEC, which are recommended for enhanced email and DNS security. No explicit security or incident response policies are published, which could be improved to enhance trust and compliance. Overall, while the business and website demonstrate professionalism and strong market positioning, addressing the critical security issues and enhancing compliance documentation would improve trustworthiness and reduce risk exposure.

The website www.poyry.com currently serves an HTTP 404 error page indicating that the requested page cannot be found. There is no accessible business content, contact information, or policy documentation available on the site. The technical infrastructure shows hosting on Oracle Cloud with DNS records pointing to Microsoft Outlook for email services. However, the SSL certificate is invalid or missing, and HTTPS is not properly configured, which is a critical security concern. The site uses modern JavaScript frameworks such as LitElement, but this appears to be part of an error page template rather than actual business content. Overall, the website lacks essential content and security features, resulting in a low trust and credibility score.

I

Ing. Punzenberger COPA-DATA GmbH

copadata.com

0

COPA-DATA is a well-established industrial and energy automation software company headquartered in Austria, offering the zenon Software Platform for digital transformation across multiple industries including energy, manufacturing, and transportation. The company maintains a strong global presence with numerous regional offices and a robust partner community, serving over 5,000 customers worldwide with more than 300,000 installations. Their business model focuses on software development, global distribution, and comprehensive support and training services.

Ö

ÖSTU-STETTIN Hoch- und Tiefbau GmbH

oestu-stettin.at

0

ÖSTU-STETTIN Hoch- und Tiefbau GmbH is a large Austrian construction company specializing in underground and high-rise construction projects worldwide. As part of the HABAU GROUP, it offers a comprehensive range of services including mining, garage construction, general contracting, industrial construction, and tunnel building. The website is professionally designed, multilingual (German and English), and provides detailed service information targeting clients in the construction and infrastructure sectors globally. Technically, the site is built on WordPress with a mature plugin ecosystem and hosted on Azure DNS infrastructure. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, exposing users to potential risks. Privacy compliance is well addressed with a GDPR-compliant cookie consent mechanism and a comprehensive privacy policy. No explicit security or incident response policies are published, and no direct contact emails or phone numbers are visible, though social media channels and contact forms are available. Overall, the site demonstrates good business credibility and content quality but requires urgent security improvements to protect visitors and enhance trust.

The website br-automation.com currently presents minimal accessible content, lacking critical business and security information. The absence of metadata, structured data, and contact details suggests the site is either under development or poorly maintained. Technically, the site uses basic JavaScript but lacks modern frameworks or CMS indications. The hosting server is identified as PWS/8.3.1.0.8, but no DNS records or SSL certificate are properly configured, resulting in an insecure HTTP-only connection. Security posture is weak due to the lack of HTTPS, security headers, and privacy compliance mechanisms. Overall, the site poses a risk to visitors and does not inspire trust or professionalism.

T

TRIGO GmbH

trigo.at

0

TRIGO GmbH is a specialized technology company focused on delivering tailored software solutions that bridge user-centric design with technical expertise. Their market position is that of a cloud-native expert, offering key services such as Data System Development (notably Exosphere), OpenShift consulting and migration, and Single Sign-On solutions leveraging Keycloak. The company targets businesses seeking to scale IT infrastructure, integrate applications, and leverage data effectively. Technically, the website is built on modern frameworks like Next.js and Chakra UI, hosted on Vercel, but lacks HTTPS which is a critical security shortfall. The absence of SSL/TLS exposes the site to risks and undermines trust. Security headers are present but insufficient without HTTPS. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site is professional and content-rich but requires urgent security improvements to meet modern standards.

M

Monopol Medien GmbH

monopol.at

0

Monopol Medien GmbH is a small Austrian media house and agency specializing in content creation, design, social media, event management, web development, and web hosting. The company targets creative industries, culture, and art sectors primarily in Vienna and Austria. Their website is built on WordPress with WooCommerce integration, leveraging popular plugins such as Yoast SEO and Borlabs Cookie for SEO and privacy compliance. While the site demonstrates good content quality, clear navigation, and consistent branding, it suffers from a critical security flaw due to the absence of a valid SSL certificate, resulting in no HTTPS support. This significantly impacts the site's security posture and user trust.

S

SOS-Kinderdorf Österreich

sos-kinderdorf.at

0

SOS-Kinderdorf Österreich is a well-established non-profit organization dedicated to providing loving homes and support to children in need both in Austria and globally. Founded in 1949, it operates in 138 countries and relies on donations, sponsorships, and volunteer engagement to fulfill its mission. The website reflects a professional and consistent brand presence with comprehensive content and clear navigation targeting donors, volunteers, and families in need. Technically, the site uses ASP.NET WebForms with Kentico CMS, integrates modern libraries like jQuery and FontAwesome, and employs a consent management platform for GDPR compliance. However, a critical security gap exists due to the absence of HTTPS and a valid SSL certificate, exposing users to potential risks. Privacy policies and cookie consent mechanisms are well implemented, supporting regulatory compliance. Overall, the site demonstrates strong business credibility and user trust but requires urgent security improvements.

A

Linking people, technology and strategy | Arthur D. Little

adlittle.com

0

Security assessment completed with an overall score of 0/100 (unknown risk). 3 critical issues require immediate attention. Total of 26 security findings identified across all modules.

The website emwa.org currently serves a security verification page that blocks access to its main content using Google reCAPTCHA v3. This indicates the presence of a Web Application Firewall (WAF) or similar bot protection mechanism, preventing full content analysis. The domain is mature, registered since 1997, and protected by privacy services, but no visible business or contact information is presented on the landing page. Technically, the site uses Bootstrap for styling and Google reCAPTCHA for security verification but lacks a valid SSL certificate and HTTPS support, which is a critical security deficiency. Performance is poor with a slow load time and large page size for minimal content. No privacy, cookie, or terms of service policies are found, and no contact or social media information is available, limiting trust and credibility assessment.

The website ecml.at currently serves an HTTP 404 Not Found error page with minimal HTML content, indicating that the requested resource is not available. There is no accessible business content, contact information, or policy documentation on the site. The domain is registered in Austria with valid DNS and MX records, suggesting some email infrastructure is in place, but the lack of SSL/TLS and absence of website content severely limit its operational and trustworthiness status. Technically, the site is served by Microsoft-HTTPAPI/2.0 without HTTPS, exposing it to security risks and reducing user trust. The security posture is weak with no modern security headers, no encryption, and no advanced DNS security features enabled. Overall, the site is non-functional from a user perspective and presents critical security and compliance gaps.

Z

ZENTITY a.s.

zentity.com

0

ZENTITY a.s. is a medium-sized technology company specializing in digital transformation platforms, primarily serving the finance, telecommunications, and energy sectors. Their flagship offering, the Digital Accelerator Platform, enables enterprises to unify and personalize customer journeys across multiple digital channels. The company is recognized globally, including frequent mentions in Gartner's Market Guide, and holds ISO 9001 and ISO 27001 certifications, underscoring their commitment to quality and security. Their client portfolio includes notable brands such as Nedbank, KBC, and Vodafone. Technically, the website is built on WordPress with a modern tech stack including Bootstrap and jQuery. Hosting is provided by DreamHost. While the site demonstrates good design, navigation, and mobile optimization, performance metrics are lacking, and no valid SSL certificate is configured, resulting in a critical security gap. Forms are protected by Google reCAPTCHA, and contact mechanisms are comprehensive. Security posture is weak due to the absence of HTTPS and modern TLS protocols, lack of security headers, and missing vulnerability disclosure information. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Business credibility is strong, supported by clear contact information, certifications, and client references. Overall, the site is professional and trustworthy but requires urgent security improvements to protect user data and enhance trust. Strategic recommendations include implementing HTTPS, enabling security headers, and establishing a vulnerability disclosure policy.

M

Moser Holding AG

moserholding.com

0

Moser Holding AG is a well-established Austrian media company with a history dating back to 1945. It operates as a leading media house in Austria, offering a broad portfolio of print and digital media services including newspapers, magazines, corporate publishing, and logistics. The company targets regional audiences primarily in Austria and maintains a strong market position with a large employee base and multiple locations. Technically, the website is built on ASP.NET with Bootstrap and uses common web technologies such as jQuery and Font Awesome. However, the site lacks HTTPS, which is a significant security deficiency. The security posture is weak due to the absence of SSL/TLS, modern security headers, and secure session management over encrypted channels. Privacy policies and cookie policies exist but lack explicit consent mechanisms, indicating partial GDPR compliance. Contact information is clearly presented, enhancing business credibility. Overall, the website is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

D

Das Österreichische Patentamt

patentamt.at

0

Das Österreichische Patentamt is the central government authority in Austria responsible for intellectual property rights including patents, trademarks, and designs. The website serves as an information and service hub offering online filing, advisory services, and educational programs such as the IP Academy. The organization holds ISO 9001 and ISO 27001 certifications, reinforcing its commitment to quality and information security. The site targets a broad audience including inventors, businesses, startups, legal professionals, and students. Technically, the website is built on TYPO3 CMS with modern frontend libraries and frameworks, providing a professional and accessible user experience. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap that undermines user trust and data protection. Security headers are well implemented but cannot compensate for the lack of encryption. Privacy compliance is strong with comprehensive cookie consent mechanisms and GDPR-aligned policies. Overall, the site is authoritative and trustworthy but requires urgent improvements in SSL/TLS deployment to enhance security posture.

S

SSI SCHAEFER Group

ssi-schaefer.co.uk

0

SSI SCHAEFER Group operates as a global leader in intralogistics, providing modular warehouse and logistics systems to a broad range of industries. The company targets businesses seeking advanced intralogistics solutions, offering products, software, and consulting services. The website reflects a mature enterprise with comprehensive content, multilingual support, and strong branding consistency. Technically, the site uses modern frameworks like Bootstrap and integrates Google Tag Manager for analytics. However, the lack of a valid SSL/TLS certificate and absence of HTTPS significantly weaken the security posture. Security headers are well configured, but the missing HTTPS is a critical vulnerability. Privacy compliance is partially addressed with a privacy policy and terms of service, but no cookie consent mechanism is present. Contact information is available primarily through forms and phone links, though no explicit emails or phone numbers are listed in the content. Overall, the domain registration data aligns well with the business claims, indicating legitimacy. Strategic improvements in SSL deployment and privacy mechanisms are recommended to enhance trust and security.

T

Tourismusschulen Bad Gleichenberg

tourismusschule.com

0

Tourismusschulen Bad Gleichenberg is a well-established private educational institution in Austria specializing in tourism and hospitality education. With a history dating back to 1946, it offers a variety of programs including practical internships and international exposure, positioning itself as a leading school in its sector. The website reflects a professional and consistent brand image targeting students interested in tourism careers. Technically, the site is built on WordPress with common plugins and scripts but suffers from a critical lack of valid SSL/TLS certificates, exposing it to security risks. Privacy compliance is addressed with cookie consent and a privacy policy, though some security policies are absent. Overall, the site is content-rich and credible but requires urgent security improvements to protect user data and enhance trust.