Security Directory

E

ENVASES Group

minikeg.blog

0

The MiniKEG Blog is operated by the ENVASES Group, a medium-sized German manufacturing company specializing in innovative packaging solutions, particularly 5-liter party kegs. The company holds a strong market position as a world leader in party keg production and packaging innovation. The website serves as an online magazine targeting beverage industry professionals and consumers interested in party kegs, providing product news, quality insights, and customer stories. Technically, the site is built on WordPress with the Divi theme and uses common plugins for cookie consent and newsletter management. However, the site suffers from a critical security flaw: the SSL certificate is invalid or missing, resulting in no HTTPS support and no modern TLS protocols enabled, which significantly impacts security posture. Privacy compliance is addressed with a privacy and cookie policy and consent mechanism, but no terms of service or security policies are published. Contact information is clearly provided, enhancing business credibility. Overall, the website is content-rich and professionally designed but requires urgent security improvements to protect users and business reputation.

4

4DESIGN

4design.com.au

0

4DESIGN is an established Australian industrial design studio with over 50 years of experience, specializing in product development, 3D CAD engineering, prototyping, and manufacturing services. The company targets businesses and startups requiring comprehensive industrial design and engineering solutions. Their market position is strong within the Australian design industry, supported by awards and a professional online presence. Technically, the website is built on WordPress, hosted on WP Engine with Cloudflare CDN, and uses modern web technologies including Google Analytics and Instagram integration. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security gap. The security posture is basic, lacking modern TLS protocols, HSTS, and other security headers. Privacy compliance is minimal, with a basic privacy policy but no cookie consent mechanism or GDPR indicators. Overall, the business credibility is solid, but security improvements are urgently needed to protect user data and enhance trust.

L

LKW WALTER Internationale Transportorganisation AG

lkw-walter.com

0

LKW WALTER is a well-established European transport organization specializing in full truck load logistics across Europe and neighboring regions such as Russia, Central Asia, the Middle East, and North Africa. The company operates under the WALTER GROUP umbrella and targets businesses requiring reliable and extensive transport services. The website reflects a professional and consistent brand presence with multilingual support for various countries, indicating a broad international market reach. Technically, the website employs modern JavaScript modules, integrates Google Tag Manager, OneTrust for cookie consent, and is hosted on Cloudflare, ensuring fast performance and good mobile optimization. The site uses multiple analytics and marketing tools, including Google Analytics, Hotjar, and Smartsupp chat, with a clear consent mechanism in place, supporting GDPR compliance. From a security perspective, the site enforces HTTPS with a valid GeoTrust certificate and implements several security headers such as Content-Security-Policy and X-Frame-Options. However, it lacks support for modern TLS protocols (TLS 1.2/1.3), OCSP stapling, and full HSTS enforcement, which are recommended to enhance transport security. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website presents a low-risk profile with good privacy compliance and business credibility. Strategic improvements in SSL/TLS configuration and enhanced security policies would further strengthen the security posture and trustworthiness.

B

Boston Scientific Corporation

intracept.com

0

The website intracept.com represents the Intracept Procedure by Relievant, a medical treatment for chronic low back pain, supported by clinical evidence and patient testimonials. It is owned by Boston Scientific Corporation, a large healthcare company. The site targets patients and healthcare professionals, providing educational content and resources about the procedure. Technically, the site is built on WordPress with the Divi theme, hosted on WP Engine and served via Cloudflare CDN. It uses modern web technologies and includes tracking tools like Google Tag Manager and Facebook Pixel. However, the site currently lacks a valid SSL certificate, which is a critical security issue. Privacy policies and terms of service are present and comprehensive, but no cookie consent mechanism is detected. Overall, the site is professional and trustworthy but requires urgent security improvements to enable HTTPS and enhance user data protection.

T

The Intracept Procedure by Relievant

relievant.com

0

Relievant.com represents The Intracept Procedure by Relievant, a healthcare-focused business specializing in treatment for chronic low back pain through a clinically supported medical procedure. The website is professionally designed with clear navigation and rich content targeting patients and healthcare providers. It is owned by Boston Scientific Corporation, a recognized entity in the medical device industry. Technically, the site is built on WordPress with the Divi theme and uses common JavaScript libraries and external resources. However, the absence of a valid SSL certificate and HTTPS is a critical security flaw that undermines user trust and data protection. Privacy policies are present and comprehensive, but cookie consent mechanisms are lacking despite the use of tracking pixels. Overall, the site demonstrates good business credibility and content quality but requires urgent security improvements.

L

Law in Austria

laa.law

0

Law in Austria is a Vienna-based legal services provider specializing in multimedia, digital, and interdisciplinary legal advice. The firm positions itself as a client-oriented partner offering precise and timely legal solutions. The website reflects a professional and consistent brand image targeting clients seeking legal expertise in Austria. Technically, the site is built on the Webflow CMS platform, leveraging modern web fonts and JavaScript libraries such as jQuery and Finsweet Cookie Consent for privacy compliance. Hosting appears to be via Cloudflare CDN, enhancing content delivery performance. However, a critical security gap exists due to the absence of a valid SSL certificate and lack of HTTPS enforcement, exposing visitors to potential risks. The site implements a cookie consent banner with opt-in capabilities, aligning with GDPR requirements, but lacks explicit contact information and terms of service pages, which could affect user trust and compliance completeness. Overall, the website demonstrates moderate digital maturity but requires urgent security improvements to meet industry standards.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 7 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

O

Orchestrade

orchestrade.com

0

Orchestrade is a specialized software provider offering a comprehensive cross-asset front-to-back trading and risk management platform primarily targeting investment banks, hedge funds, asset managers, and energy companies. The company positions itself as a market leader with a strong portfolio of industry awards and a broad client base. Technically, the website is built on WordPress with modern plugins and integrations, hosted on WP Engine with Cloudflare protection, and employs multiple analytics and marketing tools. However, the security posture is weakened by the absence of a valid SSL certificate and HTTPS support, which is a critical vulnerability. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the website demonstrates professionalism and trustworthiness but requires urgent security improvements to protect user data and maintain credibility.

M

Murex

murex.com

0

Murex is a leading provider of capital markets technology solutions, offering an integrated platform (MX.3) that supports trading, treasury, risk, and post-trade operations. The company serves a broad range of financial services clients globally, including banks, investment managers, and corporates. Their business model focuses on enterprise software and managed services, with a strong emphasis on regulatory compliance and risk management. The website reflects a mature digital presence with comprehensive content, strong branding, and extensive use of modern marketing and analytics technologies. However, a critical security gap exists due to the absence of HTTPS, which undermines the security posture despite well-implemented security headers. Privacy policies and cookie consent mechanisms are present and GDPR compliant. Overall, the site demonstrates high professionalism and trustworthiness but urgently requires SSL/TLS implementation to secure user data and communications.

Moody's Analytics is a well-established enterprise providing financial intelligence and risk management solutions primarily targeting financial institutions and business leaders. The company operates under the parent company Moody's Corporation and holds a strong market position in the finance sector. However, the website content is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) block triggered by an ASN restriction, which prevents direct content analysis. The technical infrastructure includes Cloudflare for security and performance, but the SSL configuration lacks modern TLS protocol support and some security best practices such as HSTS and OCSP stapling are not enabled. Security headers are partially implemented, providing a basic security posture. The WHOIS data confirms the domain's legitimacy and consistency with the corporate identity. Overall, the website's security posture is basic but could be improved, and the lack of accessible content limits the ability to assess privacy compliance and user experience.

I

ITRS Group

itrsgroup.com

0

ITRS Group is a leading provider of AI-powered real-time monitoring and observability solutions tailored for demanding and regulated industries such as finance and investment banking. The company is recognized as a visionary in the digital experience monitoring space, serving top-tier investment banks and thousands of customers worldwide. Their platform focuses on preventing system outages, enhancing performance, and enabling continuous innovation through intelligent observability and digital experience monitoring. Technically, the website is built on Drupal 10 and leverages a modern technology stack including Google Tag Manager, Zendesk, Uptrends, and Cloudflare, hosted on AWS infrastructure. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance metrics indicate moderate speed. Security headers are well implemented, but the SSL configuration is currently invalid, lacking proper TLS protocol support and OCSP stapling, which poses a significant security risk. From a security perspective, while the site employs several best practices such as Content Security Policy and X-Frame-Options, the absence of a valid SSL certificate and disabled TLS protocols significantly reduce the security posture. No critical vulnerabilities like exposed credentials or malware were detected, but improvements in SSL configuration and session management are recommended. Overall, the website presents a professional and trustworthy image with comprehensive privacy and cookie policies, clear contact information, and strong business credibility. The domain registration details align with the company's UK-based operations, supporting its legitimacy. Strategic recommendations include immediate SSL renewal and configuration, enhanced security monitoring, and continued compliance with privacy regulations.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

F

Fenergo

fenergo.com

0

Fenergo is a medium-sized SaaS financial technology company founded in 2009, specializing in client lifecycle management (CLM) and regulatory compliance solutions for banking and financial institutions. The company offers a comprehensive suite of services including KYC, client onboarding, transaction monitoring, and regulatory compliance, supported by AI-powered technologies such as FinCrime OS and Agentic AI. Fenergo is recognized as a market leader in its sector, with strong client endorsements and multiple industry awards. Technically, the website is built on Webflow and leverages modern JavaScript libraries and Cloudflare CDN for delivery, with good mobile optimization and SEO practices. However, the site currently lacks a valid SSL certificate and modern TLS support, which is a critical security concern. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanisms. Overall, the business demonstrates strong credibility and trustworthiness, but the security posture requires urgent improvement to protect user data and maintain compliance.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

M

M3 PARK SERVICE Szolgáltató és Üzemeltető Korlátolt Felelősségű Társaság

m3outlet.hu

0

M3 Outlet is a retail outlet shopping center located in Polgár, Hungary, offering over 100 fashion brands with discounts ranging from 30% to 70%. The website targets regional shoppers interested in branded fashion products and provides multilingual support including Hungarian, English, Romanian, and Slovak. Key services include retail shopping, promotions, customer amenities such as free wifi, and tourism-related offerings like tax-free shopping. The business operates under M3 PARK SERVICE Kft., positioning itself as a significant regional outlet center with a medium-sized footprint. Technically, the website is built on Concrete CMS 9.3.2 and utilizes modern frontend technologies such as jQuery, Bootstrap 5, and Owl Carousel. Google Tag Manager is used for analytics and marketing tracking. However, the site lacks a valid SSL certificate and does not support HTTPS, which is a critical security deficiency. Performance data is missing, but inferred to be slow. Mobile optimization and SEO are good, but accessibility is basic. Security posture is weak due to the absence of HTTPS, lack of HSTS, and missing advanced security headers. No explicit privacy or cookie consent mechanisms are implemented, and no security or incident response policies are visible. Contact information is clearly provided, enhancing business credibility. Overall, the site is functional and professionally designed but requires urgent security improvements, especially SSL/TLS configuration, to protect user data and improve trust. Implementing privacy compliance features and enhancing security headers would further strengthen the security posture.

M

Malmö Designer Village

malmodesignervillage.com

0

Malmö Designer Village is a premium retail outlet project positioned as the largest outlet in Scandinavia and the first premium outlet village serving the Greater Copenhagen region. The business model focuses on offering discounted fashion and lifestyle brands to residents and tourists in the Malmö and Copenhagen area. The website is built on the Squarespace platform, featuring professional design and clear navigation but lacks a valid SSL certificate, resulting in no HTTPS support. This is a critical security shortfall. The site includes a contact form for inquiries but does not provide explicit email addresses or phone numbers. Privacy compliance is minimal, with a basic privacy policy page but no cookie consent mechanism. Social media presence is limited to LinkedIn. Overall, the site demonstrates moderate digital maturity but requires significant security improvements to protect user data and build trust.

Designer Outlet Luxembourg operates a retail outlet shopping center featuring over 60 major brands offering discounts year-round. The website presents a professional and consistent brand image targeting shoppers in Luxembourg and nearby regions. The technical infrastructure is based on TYPO3 CMS hosted on Apache servers with integration of modern marketing and analytics tools such as Google Analytics, Google Tag Manager, and Cookiebot for GDPR compliance. Security posture is adequate with a valid SSL certificate but lacks modern TLS protocol support and some advanced security headers. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Contact information and social media presence enhance business credibility. Overall, the website is functional, secure, and compliant with relevant regulations, supporting the business's retail operations effectively.

P

PEIQ

peiq.de

0

PEIQ is a medium-sized German company specializing in cloud-based publishing software solutions tailored for the DACH region's media industry. Their product portfolio includes automated newspaper production (PEIQ PRINT), a digital editor for multi-channel content creation (PEIQ CREATE), and a proprietary CMS platform (PEIQ PORTAL). The company holds a strong market position, serving major newspapers and media groups, with a significant share of newspaper circulation produced using their systems. Technically, the website employs modern JavaScript frameworks and responsive design, but lacks a valid SSL certificate, which is a critical security concern. The site includes cookie consent mechanisms and basic privacy compliance but lacks visible security policies or incident response contacts. Overall, the business demonstrates professionalism and trustworthiness, though the absence of HTTPS significantly impacts security posture and user trust.

C

ConSol* Consulting & Solutions Software Poland Sp. z o.o.

consol.pl

0

ConSol* Consulting & Solutions Software Poland Sp. z o.o. is a reputable IT service provider specializing in custom IT solutions, software architecture, web application development, and managed services. The company serves a diverse range of industries with a focus on digital transformation and technological excellence. Their market position is reinforced by notable clients and an ISO 27001 certification, indicating a strong commitment to information security. Technically, the website is built on TYPO3 CMS with modern frameworks and libraries, ensuring good performance, mobile optimization, and accessibility. Security measures include robust HTTP headers, valid SSL certificates, and no detected vulnerabilities, although enabling OCSP stapling and enhancing HSTS settings could improve security further. Privacy compliance is well addressed with comprehensive privacy and cookie policies, consent mechanisms, and moderate user tracking via Matomo analytics. Overall, the website demonstrates high professionalism, trustworthiness, and technical maturity, supporting the company's credibility and business goals.

Nice Software B.V. operates the paranice.nl website, providing specialized software solutions for paramedical care, medical specialist rehabilitation, and geriatric rehabilitation in the Netherlands. Their offerings include electronic patient dossiers (EPD), planning, declaration management, and mobile applications tailored to healthcare providers. The company targets healthcare institutions such as hospitals, rehabilitation centers, and care organizations, positioning itself as an established player with a mature domain and active partnerships. The website content is professional, well-structured, and provides clear contact channels, supporting a positive business image. Technically, the website uses a traditional web stack with jQuery, Bootstrap, and several JavaScript libraries. Hosting and domain registration are managed by Claranet Benelux B.V., a reputable provider. However, the site lacks a valid SSL certificate and does not support HTTPS, which is a significant security and trust concern. The site implements Google Analytics and Google reCAPTCHA v3 for analytics and bot protection, and it includes GDPR-compliant privacy and cookie policies with consent mechanisms. From a security perspective, the absence of HTTPS and modern TLS protocols severely impacts the security posture. Minimal security headers and lack of DNSSEC or domain protection locks further reduce security confidence. While forms use reCAPTCHA and secure cookies, the overall security configuration is basic and requires urgent improvement to protect user data and maintain trust. Overall, the website is functional and business-appropriate but suffers from critical security shortcomings. Addressing SSL/TLS issues and enhancing security headers would significantly improve the security posture and user trust. The business appears legitimate and established, but the security gaps present risks that should be prioritized.

The website consol-software.at currently presents only a minimal placeholder page with the title 'HTTP only' and the text 'HTTP only. Redirect?'. There is no meaningful content, metadata, or business information available on the site. The domain is registered but lacks any DNS records, including A, AAAA, MX, or NS records, which indicates the domain is not properly configured for web or email services. The SSL/TLS configuration is absent or invalid, with no supported TLS protocols and no valid certificate, resulting in no HTTPS support despite the presence of an HSTS header. This severely impacts the security posture and trustworthiness of the site. Technically, the site is hosted on an Apache server but lacks modern web technologies, frameworks, or CMS platforms. Performance data is unavailable, and the site is not optimized for mobile or accessibility. No analytics, advertising, or tracking technologies are detected. Security headers are partially present but ineffective due to the lack of HTTPS. No privacy, cookie, or terms of service policies are found, and no contact or business information is provided. From a security perspective, the absence of HTTPS and DNS records, combined with minimal content, suggests the site is either inactive, under development, or abandoned. There are no indications of WAF or security challenge blocking access. The overall risk is high due to poor security configuration and lack of transparency. Strategic recommendations include obtaining a valid SSL certificate, properly configuring DNS records, and publishing meaningful content and policies to improve trust and compliance.

W

webcapital

quli.nl

0

Quli.nl is a Dutch digital health platform offering a Personal Health Environment (PGO) that centralizes users' healthcare data, enabling better management and communication with healthcare providers. The platform targets patients, caregivers, healthcare organizations, and patient groups, positioning itself as a leader in digital accessibility and personal health data management in the Netherlands. The website is built on WordPress with modern web technologies and integrates Google Analytics and Tag Manager for analytics and marketing purposes. Security headers are properly configured; however, the absence of a valid SSL certificate and HTTPS implementation is a critical vulnerability that significantly impacts the site's security posture. Privacy policies and cookie consent mechanisms are well implemented and GDPR compliant. Overall, the site demonstrates good content quality and business credibility but requires urgent improvements in SSL/TLS configuration to ensure secure user interactions.

C

ConSol Consulting & Solutions Software GmbH

consol.com

0

ConSol Consulting & Solutions Software GmbH is a medium-sized, owner-managed IT service provider founded in 1984 in Germany. The company specializes in delivering customized IT solutions, supporting clients throughout the entire software lifecycle with a focus on agility, innovation, and technical excellence. Their offerings include IT consulting, software engineering, cloud and platform engineering, AI, automation, and product solutions based on open-source technologies. The company maintains strong partnerships with industry leaders such as Red Hat, AWS, SUSE, and others, reinforcing its market position. Technically, the website is built on TYPO3 CMS with modern front-end frameworks like Bootstrap and utilizes various JavaScript libraries for enhanced user experience. Analytics are implemented via Matomo and Google Tag Manager, with a comprehensive cookie consent mechanism ensuring GDPR compliance. The site is well-optimized for performance, mobile responsiveness, and accessibility. From a security perspective, the site uses HTTPS with a valid SSL certificate but lacks modern TLS protocol support and full HSTS implementation. Security headers are present but could be enhanced. No critical vulnerabilities or exposures were detected. The company demonstrates compliance with data protection regulations, supported by ISO 9001 and ISO 27001 certifications. Overall, ConSol presents a professional, trustworthy, and technically mature online presence with strong business credibility and a good security posture. Strategic improvements in SSL/TLS configuration and security header enhancements are recommended to further strengthen their security stance.

T

The AES Corporation

lightingsimplified.com

0

Miami Valley Lighting, a division of The AES Corporation, specializes in providing comprehensive outdoor lighting solutions including street lighting, parking lot and security lighting, decorative lighting, and customized solutions primarily serving West Central Ohio. The company positions itself as a regional leader with a focus on safety, security, energy savings, and responsive maintenance services. The website is built on Drupal 10 with modern front-end technologies and integrates multiple analytics and marketing tools, indicating a mature digital infrastructure. However, the absence of a valid SSL certificate and disabled TLS protocols represent significant security vulnerabilities that undermine user trust and data protection. Privacy and cookie policies are present but basic, and no explicit security or incident response policies are published. Overall, the website demonstrates good content quality and business credibility but requires urgent security improvements to meet modern standards.

N

Netz Burgenland GmbH

netzburgenland.at

0

Netz Burgenland GmbH operates as a regional energy network operator in Burgenland, Austria, providing reliable electricity and gas distribution services. The company emphasizes customer service and offers a range of services including smart metering, energy communities, and infrastructure support. The website reflects a professional and well-structured digital presence, leveraging modern technologies such as Next.js and React, hosted on AWS infrastructure. However, a critical security gap exists due to the absence of a valid SSL/TLS certificate, resulting in no HTTPS support, which significantly impacts the site's security posture. While contact information and business legitimacy are clearly established, privacy compliance could be improved by implementing cookie consent mechanisms and publishing security policies. Overall, the site is content-rich and trustworthy but requires urgent security enhancements to protect user data and maintain trust.

A

AES Hawai‘i

aes-hawaii.com

0

AES Hawai‘i is a regional branch of the global AES Corporation, focused on accelerating the transition to renewable and clean energy solutions in Hawai‘i. The company operates multiple renewable energy projects and emphasizes sustainability, community partnerships, and innovation. The website is professionally designed using Drupal 10 and modern web technologies, providing a rich user experience with clear navigation and mobile optimization. Security posture is solid with HTTPS, security headers, and a content security policy, though improvements such as enabling full HSTS and OCSP stapling are recommended. Privacy and cookie policies are present with consent mechanisms, supporting GDPR compliance. Overall, the site reflects a mature digital presence aligned with the company's business goals and market position.

N

NewMotoAsset GmbH

drivebeem.at

0

drivebeem is an Austrian company specializing in electric vehicle subscriptions, offering all-inclusive monthly plans that cover vehicle costs, insurance, maintenance, and charging solutions. The company targets both private customers and businesses, providing flexible subscription durations and additional services such as wallbox installations and photovoltaic energy solutions. The website is professionally designed with clear navigation and comprehensive content, including detailed FAQs and legal documentation. Technically, the site uses modern frameworks like Next.js and React, with content managed via a WordPress headless CMS. However, the website lacks a valid SSL certificate and proper HTTPS configuration, which significantly impacts its security posture. Security headers are partially implemented, but critical TLS protocols and certificate transparency are missing. Privacy compliance is generally good with a clear privacy policy, though no cookie consent mechanism was detected. Contact information is clearly presented, enhancing business credibility. Overall, the site is functional and informative but requires urgent security improvements to protect user data and build trust.

T

The AES Corporation

aes-vietnam.com

0

AES Vietnam operates as a regional branch of The AES Corporation, a global energy company focused on delivering sustainable and clean energy solutions. The website reflects a mature digital presence with comprehensive content in Vietnamese, targeting energy sector stakeholders and community partners. The company emphasizes sustainability, innovation, and community development as core pillars of its business model. Technically, the site is built on Drupal 10 with modern frontend technologies and integrates multiple analytics and marketing tools, indicating a high level of digital maturity. Security posture is solid with HTTPS and multiple security headers, though TLS protocols are not enabled, which is a notable gap. No critical vulnerabilities or blocking mechanisms were detected, and the domain registration details align well with the corporate identity, supporting legitimacy. Overall, the site presents a professional, trustworthy, and well-maintained digital asset for AES Vietnam.

S

SONNENABO

sonnenabo.at

0

SonnenAbo is a regional energy service provider based in Austria offering local solar power subscriptions through community photovoltaic parks. The business model focuses on enabling residents to access renewable energy without upfront investment, promoting sustainability and energy community membership. The website is professionally designed using modern web technologies such as Next.js and hosted on AWS infrastructure. However, the site lacks a valid SSL certificate and does not enforce HTTPS, which is a critical security vulnerability. Additionally, no cookie consent mechanism is present despite the use of Google Tag Manager, indicating partial privacy compliance. Contact information is available primarily as a physical address and contact page, but no direct emails or phone numbers are exposed. Overall, the website demonstrates moderate digital maturity but requires urgent security improvements to protect user data and enhance trust.

T

The AES Corporation

aespuertorico.com

0

AES Puerto Rico operates as a regional subsidiary of The AES Corporation, focusing on accelerating the future of energy through sustainable and smart energy solutions. The website demonstrates a strong market position in the energy sector with a clear emphasis on clean energy, community partnerships, and innovation. The company targets energy consumers, businesses, and community stakeholders in Puerto Rico and related AES markets. Technically, the site is built on Drupal 10 with modern frontend technologies and integrates multiple analytics and marketing tools, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforcement, comprehensive security headers, and no detected vulnerabilities, although some improvements in SSL configuration and security policy transparency are recommended. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website is professional, trustworthy, and well-aligned with the business's global and local energy initiatives.

F

Fanclub Burgenland Energieunabhängig

fcbe.at

0

Fanclub Burgenland Energieunabhängig is a regional energy community initiative based in Burgenland, Austria, focused on promoting renewable energy usage through wind and solar power. The organization offers membership benefits including access to renewable energy at attractive prices, participation in regional energy projects, and digital services to support energy independence. The website is well-designed, content-rich, and targets residents, businesses, and municipalities interested in sustainable energy solutions. Technically, the site uses modern web frameworks such as Next.js and is hosted on AWS infrastructure, but suffers from a critical security shortfall due to the absence of a valid SSL certificate and HTTPS support. Privacy compliance is strong with a comprehensive GDPR-aligned privacy policy and explicit data processing consents in forms. Contact information is clearly provided, enhancing business credibility. However, the lack of cookie consent mechanisms and security headers reduces the overall security posture. Strategic improvements in SSL deployment and security best practices are recommended to enhance trust and compliance.

T

The AES Corporation

aespanama.com

0

AES Panama is a regional branch of The AES Corporation, a large multinational energy company focused on accelerating the future of energy through sustainable and innovative solutions. The website targets energy consumers, business clients, investors, and community partners primarily in Panama and other global markets. The company emphasizes community investment, sustainability, and advanced energy technologies. Technically, the website is built on Drupal 10 with modern frontend libraries and integrates multiple analytics and marketing tools. However, a critical security weakness is the absence of a valid SSL certificate, resulting in no HTTPS support despite security headers and policies being in place. Privacy and cookie policies are present and indicate some GDPR compliance, but no explicit incident response or security policy pages were found. The domain registration data is consistent and trustworthy, with no signs of suspicious activity. Overall, the site is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

A

A1 Telekom Austria AG

befunkt.at

0

BE.funkt is a telecommunications service provider offering affordable mobile and internet tariffs primarily targeting consumers in Austria. The business operates as a joint project between Burgenland Energie and A1 Telekom Austria AG, leveraging the A1 network to provide 5G mobile services, eSIM options, and hardware sales such as smartphones and 5G webcubes. The website presents a professional and consistent brand image with clear navigation and relevant content tailored to its target audience. Technically, the site uses modern frontend technologies including Bootstrap, jQuery, and Swiper.js, ensuring good mobile optimization and user experience. However, the absence of a valid SSL/TLS certificate is a critical security flaw, exposing users to insecure connections. The site implements a cookie consent modal indicating some privacy compliance efforts, but lacks a visible privacy policy page and security policies. Contact information is clearly provided, enhancing business credibility. Overall, the site is functional and professional but requires urgent security improvements to protect user data and trust.

T

The AES Corporation

aes-ohio.com

0

AES Ohio operates as a regional energy utility under The AES Corporation, providing electricity services and customer support to residential and commercial customers in Ohio. The website offers comprehensive information on energy supply options, billing, outages, safety, and sustainability initiatives. It leverages modern web technologies including Drupal 10 CMS and integrates multiple third-party analytics and marketing tools to enhance user engagement and service delivery. However, the absence of a valid SSL certificate and HTTPS implementation significantly undermines the site's security posture, exposing users to potential risks. Privacy and cookie policies are well-established, indicating a commitment to compliance and user data protection. Overall, the site presents a professional and content-rich experience but requires urgent security improvements to align with best practices.

A

aesmex.com

aesmex.com

0

Security assessment incomplete. Successfully analyzed: nis2, emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr. 14 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

T

The AES Corporation

aesindiana.com

0

AES Indiana is a large regional energy provider operating under The AES Corporation, focused on delivering electric utility services to residential and business customers in Indiana. The website offers comprehensive information on billing, outages, energy saving, and company initiatives, reflecting a mature business model with significant investments in infrastructure and digital transformation. Technically, the site is built on Drupal 10 with modern frontend libraries and integrates multiple analytics and marketing tools, indicating a high level of digital maturity. However, the absence of a valid SSL certificate and HTTPS severely impacts the security posture, exposing users to potential risks. While security headers and content security policies are implemented, critical gaps remain in SSL configuration and incident response transparency. Overall, the site is professional and trustworthy but requires urgent security improvements to protect user data and enhance compliance.

A

AES El Salvador

aes-elsalvador.com

0

AES El Salvador operates as a major energy provider in El Salvador, offering electricity distribution, generation, and energy solutions. The website reflects a well-established corporate entity with a broad service portfolio and strong community engagement. The technical infrastructure is modern, leveraging Drupal 10 CMS and multiple JavaScript libraries for enhanced user experience and analytics. However, the absence of a valid SSL certificate is a critical security gap, undermining the site's HTTPS security and potentially affecting user trust. Privacy and cookie policies are comprehensive and GDPR compliant, supporting good privacy practices. Overall, the site is professional and content-rich but requires urgent security improvements to meet modern standards.

S

Storebrand

storebrand.se

0

Storebrand is a well-established Nordic financial services group specializing in pensions, insurance, and asset management. With a history dating back to 1767 and assets under management exceeding 1,400 billion NOK, it holds a leading market position in Norway and the broader Nordic region. The website reflects a mature business with clear branding, comprehensive service offerings, and a focus on sustainability. Technically, the site uses modern frameworks such as Blazor and integrates with Salesforce and various analytics and marketing tools, indicating a high level of digital maturity. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts the site's security posture. Privacy compliance is strong, with clear cookie and privacy policies and consent mechanisms in place. Overall, the site is professional and trustworthy but requires urgent security improvements to protect user data and maintain trust.

T

The AES Corporation

aesdominicana.com

0

AES Dominicana is a regional subsidiary of The AES Corporation, focused on accelerating the future of energy through sustainable and innovative solutions in the Dominican Republic. The website presents a professional corporate image with comprehensive content about their products, sustainability initiatives, community partnerships, and investor relations. Technically, the site is built on Drupal 10 with modern frontend libraries and integrates multiple analytics and marketing tools. However, a critical security issue is the absence of a valid SSL certificate and HTTPS, which severely impacts the security posture. The site implements strong security headers and content security policies but lacks advanced SSL/TLS configurations and DNS security features. Privacy and cookie policies are present and indicate GDPR compliance. Overall, the site is credible and professionally maintained but requires urgent security improvements to protect user data and trust.

A

Casa | AES Colombia | AES Colombia

aescol.com

0

Security assessment completed with an overall score of 0/100 (unknown risk). 1 critical issues require immediate attention. Total of 21 security findings identified across all modules.

A

AES Chile

aeschile.com

0

AES Chile operates as a major energy company focused on accelerating the future of energy through sustainable and innovative solutions. The company emphasizes renewable energy, advanced energy networks, energy storage, and community partnerships. The website reflects a strong corporate presence with comprehensive content, clear navigation, and consistent branding. Technically, the site is built on Drupal 10 with modern frontend technologies and integrates multiple analytics and marketing tools. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS configuration, which significantly impacts the security posture. Privacy and cookie policies are well implemented with consent mechanisms, supporting GDPR compliance. Overall, the site presents a professional and trustworthy image but requires urgent security improvements to protect users and data.

T

The AES Corporation

aesbulgaria.com

0

AES Bulgaria operates as a regional branch of The AES Corporation, a global energy company focused on accelerating the future of energy through sustainable and innovative solutions. The website presents a professional corporate image emphasizing clean energy, sustainability, community partnerships, and employee engagement. The technical infrastructure is based on Drupal 10 CMS with modern frontend libraries and integrations with multiple analytics and marketing tools, indicating a mature digital presence. However, a critical security gap exists due to the absence of a valid SSL certificate and HTTPS support, which significantly impacts the site's security posture. The site implements strong security headers and content security policies but lacks visible incident response or vulnerability disclosure information. Overall, the domain registration data aligns well with the corporate identity, supporting legitimacy. Strategic improvements in SSL deployment and security practices are recommended to enhance trust and compliance.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 7 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

Security assessment incomplete. Successfully analyzed: emailSecurity, sslTls, dnsHealth, networkSecurity. Failed to analyze: securityHeaders, gdpr, nis2. 8 security issues were identified in the completed modules. The website may be inaccessible or protected by security measures. Please retry the scan or verify website accessibility.

M

MSD Tiergesundheit Österreich

msd-tiergesundheit.at

0

MSD Tiergesundheit Österreich operates as a prominent veterinary pharmaceutical provider in Austria, offering a broad range of veterinary medicines and vaccines. The website serves multiple target audiences including veterinarians and animal owners, providing product information, news, and educational resources. The business is part of the global Merck & Co., Inc. group, indicating a strong market position and established brand presence. The site features professional design, consistent branding, and comprehensive content tailored to the veterinary healthcare sector. Technically, the website is built on WordPress VIP with modern SEO and analytics integrations, but suffers from critical SSL/TLS deficiencies that undermine security and trust. Security headers are well implemented, but the absence of a valid SSL certificate and HTTPS support is a major vulnerability. Privacy compliance is well addressed with clear cookie consent mechanisms and a comprehensive privacy policy. Overall, the site demonstrates good digital maturity but requires urgent security improvements to protect user data and maintain credibility.

A

Abzorba Games

abzorbagames.com

0

Abzorba Games is a medium-sized technology company specializing in mobile social casino games, founded in 2011 in Greece. The company offers multiplayer casino titles and B2B partnership opportunities to leverage brand presence in the social gaming market. The website is built on WordPress with Elementor and targets mobile social casino players and industry partners. Technically, the site uses standard web technologies but lacks HTTPS, which is a critical security gap. The cookie consent mechanism is implemented via OneTrust, indicating awareness of privacy compliance. However, no explicit security or incident response policies are present. Overall, the site presents a professional business image but requires urgent security improvements to protect user data and enhance trust.

L

LexisNexis

compliance-praxis.at

0

Compliance Praxis is Austria's largest compliance network providing comprehensive information media, partner networks, and events to support professionals in the expanding field of compliance. The website is professionally designed, content-rich, and targets compliance officers, legal experts, and organizations interested in compliance and ESG topics within Austria. Technically, the site runs on Gentics CMS with nginx server and integrates modern marketing and analytics tools such as Google Tag Manager and Mailchimp. However, the absence of a valid SSL certificate and HTTPS configuration represents a significant security vulnerability. Privacy and cookie policies are well implemented and GDPR compliant. Overall, the site demonstrates strong business credibility and content quality but requires urgent security improvements to protect user data and trust.

H

HUMANIC

humanic.net

0

HUMANIC is a well-established shoe retailer and manufacturer with over 150 years of history, operating both physical stores and online shops across multiple Central and Eastern European countries. The company offers a broad range of footwear and accessories targeting consumers seeking quality and variety. Their market position is strong, especially in Austria, with a recognized brand and customer loyalty programs. Technically, the website is built on SAP Commerce (Hybris) platform, leveraging modern marketing and analytics tools such as Google Analytics, Dynamic Yield, and Usercentrics for consent management. The site is hosted behind Cloudflare, ensuring basic security and performance benefits. Security posture is adequate with HTTPS enforced and several security headers present, although TLS protocols are outdated and some security enhancements like HSTS preload and OCSP stapling are missing. Privacy compliance is addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website is professional, trustworthy, and functional, with room for technical and security improvements.

F

Fluidtime Data Services GmbH

fluidlife.app

0

FluidLife is a German-language SaaS platform focused on corporate mobility and resource management, helping companies achieve sustainability goals through modular tools including routing, ride sharing, CO2 reporting, and employee motivation. The website is professionally designed with comprehensive content and clear navigation, targeting companies, municipalities, and NGOs primarily in Austria and German-speaking regions. Technically, the site is built on WordPress with modern SEO and analytics integrations but lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security vulnerability. Privacy compliance is well addressed with cookie consent mechanisms and detailed privacy policies. Contact information and business details are clearly presented, enhancing credibility. However, the absence of HTTPS and modern security headers significantly lowers the security posture and overall trust score. Strategic improvements in SSL deployment and security hardening are essential to elevate the site's security and user trust.

B

Boxcar

boxcar.com

0

Boxcar is a regional transportation company specializing in commuter bus services and complementary local services such as grill cleaning, knife sharpening, and auto detailing. The company targets commuters in the New Jersey and New York City metropolitan area, offering reserved seating, Wi-Fi, and other amenities to enhance the commuting experience. The website presents a professional and consistent brand image with clear service offerings and customer testimonials, positioning Boxcar as a trusted local transportation provider. Technically, the website is built on the Webflow platform, leveraging modern frontend technologies including jQuery and Google Fonts, and is hosted behind Cloudflare. While the site is mobile-optimized and well-structured, performance data is missing, and the SSL/TLS configuration is critically deficient, lacking a valid certificate and modern protocol support. This represents a significant security risk. From a security perspective, the absence of HTTPS and TLS protocols severely undermines the site's security posture, exposing users to potential data interception and undermining trust. Although privacy and terms of service policies are present and comprehensive, the lack of a cookie consent mechanism despite active tracking scripts indicates partial privacy compliance. Contact information is clearly provided, supporting business credibility. Overall, Boxcar's website demonstrates good content quality and business credibility but suffers from critical security shortcomings that must be addressed urgently to protect user data and maintain trust. Strategic improvements in SSL/TLS deployment and privacy compliance will significantly enhance the site's security and compliance posture.